The EU’s General Data Protection Regulation (GDPR), which goes into effect on 25 May 2018, requires that organisations worldwide properly identify, track, and protect their EU customers’ personally identifiable information (PII). This may require overhauling and updating a number of internal processes, systems and ensuring appropriate training for your people as well as ensuring the compliance of any third parties working with your data on your behalf.
If one of your third parties fails to adhere to GDPR requirements and results in your customers’ personal data getting compromised, you are liable regardless of the circumstances. It is therefore vital that you undertake risk assessments relating to PII data that you may hold in order to deliver your business services.
Use RAP to smooth the way..
The Risk Assurance Platform supports your assessment of GDPR allowing you to not only identify risks and plan mitigation strategies for your own people, processes and systems, but it also provides for third party related risks to be identified and mitigated. You can minimise the work load on your people by allowing trusted third parties to access your RAP system and manage their own risks whilst giving you full audit and analytics visibility of the risk profiles.