The General Data Protection Regulation (GDPR) requires that organizations securely and lawfully store and process personal data of European residents, but where do you start when your compliance program is immature? Data and process gathering and mapping is a foundational piece of your GDPR compliance program and a great starting place for understanding what your organization is doing with personal data.
SureCloud’s GDPR Discovery data inventory system allows you to kick-start your data gathering exercise through a simple set of questions, which can either be disseminated to functional heads via a questionnaire or completed in a workshop environment. The questions are designed to capture key data inventory elements, such as business processes, information assets, and systems. Based on the information entered, administrators benefit from risk-indicators, which can help focus follow-up deeper dive investigations.
When the time is right, and as GDPR your program matures, the output from SureCloud’s GDPR Discovery data inventory solution can be automatically pushed into SureCloud’s Information Asset Management solution where greater levels of analysis, tracking and context can be recorded.