GDPR – An Ongoing Process of Compliance
For many organizations, preparing for the European Union’s (EU) General Data Protection Regulation (GDPR) has been a time-consuming endeavor. Unfortunately, the work is not over.
For many organizations, preparing for the European Union’s (EU) General Data Protection Regulation (GDPR) has been a time-consuming endeavor. Unfortunately, the work is not over. Now that GDPR is in effect, companies will need to do regular internal audits to assess their compliance levels.
Audits are very important, as accountability is one of the principles under the GDPR, and organizations are expected to monitor their privacy and compliance program as part of being compliant.
The main idea of an audit is to ensure that organizations can catch issues and thus demonstrate due diligence to the regulators if violations occur or they come under question. It’s an on-going process, companies are expected to comply with the regulation as well as have regular monitoring in place to ensure they remain compliant.
As the new GDPR requirements become a reality, organizations should be aware of their data privacy and security needs relating to their collection and handling of personal information.
Organizations must implement an appropriate level of security - encompassing both technical and organizational security controls - to prevent data loss, information leaks, or other unauthorized data processing operations. GDPR encourages companies to incorporate encryption, incident management, network and system integrity, and availability and resilience requirements into their security program.
ALLOut can provide an in-depth, relevant and experience-backed 2-day consulting service to help you ensure your GDPR compliance. Our experienced audit consultants will audit your security, and if necessary make recommendations to help you avoid security breaches of personal data.
Current Status
- Review of all JD Edwards modules in use
- Assessment of location of personal data
- Evaluation of Address Book Data Privacy
- Access Review of Additional Modules
- Evaluation of Current JDE Security Settings
- User Access Review
Workplan
- Users and Roles Review
- Security Types to Apply and Test
- Overcoming the Limitations of the Data Privacy Application
- Run Reports and Perform Queries
- Assignment and Testing Plan
Audience: Security Analyst, Business Analyst, Internal Auditor, CNC