Are you ready for GDPR?

SRM’s step-by-step self-assessment guide to GDPR readiness

It is one thing knowing that GDPR is coming and that compliance is mandatory from 25th May 2018. It is quite another to know exactly what you need to do in order to be fully compliant. This Self Assessment Questionnaire has been developed to outline the key areas that need to be addressed and to provide a guide as to your current state of GDPR readiness.

About You

To help us build a picture of your GDPR requirements and current level of readiness, we will require some basic outline information. Once the questionnaire is completed you will have two choices. The first is simply to see roughly where you are in terms of readiness for GDPR. We strongly advise the second option, which is to submit the form so that we can contact you to provide a more detailed analysis of the further steps you require and advice on how to take them. This will be free of charge and you will be under no obligation to engage our specialist GDPR team. If you do not opt for this, we will not contact you.

Awareness

Accountability & Governance

Do Data Protection Policies and Procedures exist for the data subject's rights:

A Subject Access Request (SAR) procedure is used to process requests from individuals to access their personal data

This is the right of an individual to have the data held on them corrected if necessary

Information Held

Communication of Data

Privacy by Design & Default

A Privacy Impact Assessment is conducted by an organization to audit its own processes to see how these processes affect or might compromise the privacy of the individuals whose data it holds, collects, or processes.

Data Protection Officer

Consent

Special Categories of Data

An EU term describing sensitive personal information, namely information pertaining to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership and the processing of data concerning health or sex life.

Children

Portability

Data Breach

Submission

This questionnaire has been designed to give an overview of the areas that need to be addressed to be GDPR compliant. It is not a formal assessment nor can it be used as evidence of GDPR compliance. To find out more about exactly what is required for your organisation to be compliant or to discuss any aspect of the questionnaire, please provide us with your contact details and submit. You will be under no obligation.

Your results

Implementation is complete or well underway towards becoming GDPR compliant

SRM can conduct a compliance review to ensure that the processes and documentation in place are compliant and perform a gap analysis to ensure that all relevant areas have been encompassed.

Implementation is underway but requires further work to become GDPR compliant

SRM can conduct a compliance review to ensure that the processes and documentation in place are compliant and perform a gap analysis to ensure that all relevant areas have been encompassed. If required SRM can also help to produce the relevant documentation and implement processes in the organisation.

A large amount of work is required to become GDPR compliant

SRM can help in a number of ways from producing documentation, creating an implementation plan, conducting a gap analysis and performing a data audit to identify where your PII resides.

A significant amount of work is required to become GDPR compliant

SRM can help in a number of ways from producing documentation, creating an implementation plan, conducting a gap analysis and performing a data audit to identify where your PII resides. We can also run the implementation project to allow you to go about your business as usual while compliance is achieved.