GDPR

Why GDPR?

The GDPR stands for the General Data Protection Regulation, which is a comprehensive data privacy and security law that was enacted by the European Union (EU) in 2016 and came into effect in 2018. It affects businesses around the world, not just those based in the EU, if they target or collect data from people in the EU. The GDPR defines personal data as any information that relates to an identified or identifiable living individual, and sets out various principles and rights for how such data should be processed.

One of the key aspects of the GDPR is that it applies to any organization that either offers goods or services (even for free) to people in the EU, or monitors their behaviour, such as through online tracking or profiling. Profiling means using automated means to evaluate or predict aspects of a person’s personality, preferences, health, economic situation, performance, etc. Therefore, the GDPR can have jurisdiction over businesses that are not physically present in the EU, as long as they interact with people in the EU in these ways. This is known as the “extraterritorial” scope of the GDPR.

Process offered

Planning

The first step of the engagement, after signing the agreement. This helps Securis360 and the Client to understand the scope, objectives, timeline, methods, and roles for the testing.

A good plan is essential for a successful project. Securis360 follows standard process to ensure all the important aspects of the engagement are covered.

Understanding and kick off

The kick off marks the beginning of the engagement. Securis360 will set up a call before or at the start of the kick off to sort out any remaining issues. Securis360 will be ready to answer any questions from the client.

Securis360 makes sure to communicate before the testing and on-site visit begin, so that the project and team are stable and the client knows the plan.

Testing and Gathering

The main part of the compliance engagement is testing and gathering. This phase will involve collecting the evidence required for the goals agreed upon during the planning and understanding processes.

Securis360 has a policy of no surprises and keeps in touch with the stakeholders throughout the testing and gathering activities. Moreover, Securis360 will start preparing the draft deliverable to deliver it to the Client quickly after this phase.

Report

The final step of Securis360’s testing method is reporting, but the whole assessment aims to produce a deliverable that is clear, concise, and accurate.

The final step of Securis360’s testing method is reporting, but the whole assessment aims to produce a deliverable that is clear, concise, and accurate.