Call us on 03450 21 21 51

GDPR Consultants
Cyber Security Consultants

GDPR Consultants

The skilled GDPR consultants here at SRM provide business-focused services to all sizes and types of organisations at all ends of the GDPR readiness spectrum.

What is the challenge?

The principles of the General Data Protection Regulation (GDPR) are enshrined in UK law and failure to adhere to them can result in significant fines. Yet there is currently no concrete GDPR compliance process. At the moment it is advisable to use the organisational governance requirements provided by the Payment Card Industry Data Security Standard (PCI DSS) or ISO 27001 which provide a helpful framework. But it is still the responsibility of the organisation’s Data Protection Officer (DPO) or Chief Information Security Officer (CISO) to ensure that the additional requirements of GDPR are included in their systems.

Who needs this service?

Few organisations have the in-house resource to manage the full ongoing requirements of GDPR. This is because of the exacting demands of the role, making CISOs with specific GDPR expertise hard to find and expensive to employ. Most resident CISOs therefore benefit significantly from the added value, support and resource provided by industry experts with wider GDPR experience.

Many organisations require a higher level of support in fulfilling the CISO or DPO roles to meet the exacting requirements of GDPR. Engaging with an industry-respected GDPR team will ensure that all appropriate steps are taken in a timely and cost-effective manner.

What solution does SRM’s GDPR service provide?

Our GDPR consultants are trained through a GCHQ-approved qualification and can advise and support on the strategic implementation of GDPR. SRM has operated in this environment for many years and can support organisations at any level, from strategic level C-Suite engagement to taking on the full DPO role if required.

SRM’s GDPR service benefits include:

  • A personal point of contact within the GDPR team for each client.
  • A pre-audit exercise and gap analysis.
  • Remedial action plan and roadmap.
  • A fully accredited forensics lab to assist in any investigation should a breach occur. We can also handle communications to relevant bodies, should the worst happen.
  • Strategic board level engagement (if required) to ensure company-wide commitment to GDPR implementation and training is secured.
  • A wealth of experience in running exercises and working with policy makers to ensure that impact to the business is minimised.

Associated services

Virtual CISO ™ Virtual ISM ™

Virtual CISO ™ Virtual ISM ™

At SRM we have developed VirtualCISO™ and VirtualISM™, which are totally bespoke services, providing as much or as little as required depending on the individual company.

PCI DSS Compliance

PCI DSS Compliance

The SRM PCI DSS compliance team includes leading QSAs who use their wealth of experience to help organisations at all levels to understand not only how to comply but also how to reduce costs.

Cyber Essentials Certification

Cyber Essentials Certification

The SRM team is experienced in all aspects of Cyber Essentials certification. We can do as much or as little as is required.

ISO 27001 Consultants

ISO 27001 Consultants

SRM guides you through the entire ISO27001 certification process, helping you to review continually and refine the way you handle information security, not just for the present, but for the future.

Related articles

How to implement Track and Trace safely without compromising your data security

The further easing of lockdown restrictions this month has allowed many face-to-face businesses like hospitality, retail and leisure to re-open under controlled conditions. This means that after the hiatus..

What happens with GDPR after Brexit?

A lot has happened in the past few months, but the implications of Brexit remain a key concern for businesses – especially those processing data across borders. You’d be..

What to do when a staff member leaves

Staff turnover is one of the leading causes of data loss, so make sure you have a plan of action in place. As any business owner knows, data loss..

Back to top