• Get Help

    Please enter the 6-digit code provided by your support representative:


    You will be prompted by your browser to download the file Support-LogMeInRescue.exe.

    Your Security
    • Remote sessions are sometimes recorded for traceability and training purposes.

    • You are in full control of your computer at all times.

    • You always have overriding control of your mouse and keyboard, and you can end the screen-sharing session at any time.

    Use of EasylifeIT™ Support Connection

    EasylifeIT Remote Support is for use by established clients only

  • Call us on 0800 043 9186
    • 22 Orton Enterprise Centre Bakewell Road, Peterborough. PE2 6XU

      Sales or support

      0800 043 9186
      01733 715930

      This email address is being protected from spambots. You need JavaScript enabled to view it.
      This email address is being protected from spambots. You need JavaScript enabled to view it.

    • Suite 2, Level 1, London house, 68-72 London street, Norwich, NR2 1JT.

      Sales or support

      0800 043 9186
      01603 562996

      This email address is being protected from spambots. You need JavaScript enabled to view it.
      This email address is being protected from spambots. You need JavaScript enabled to view it.

    • 22 Orton Enterprise Centre Bakewell Road, Peterborough. PE2 6XU

      Sales or support

      0800 043 9186
      01733 715930

      This email address is being protected from spambots. You need JavaScript enabled to view it.
      This email address is being protected from spambots. You need JavaScript enabled to view it.

EasylifeIT™ GDPR Scoping Audit

previewIntroduction

As ‘Step 2’ of its ’12 steps to take now’ guidance on preparing for the General Data Protection Regulation (GDPR), the Information Commissioner’s Office (ICO) recommends that organisations should:

“document what personal data you hold, where it came from and who you share it with.  You may need to organise an information audit.”

Implementing the GDPR could have significant resource implications, especially for larger and more complex organisations. However, the size of your company is not the only determining factor.  Smaller companies may need to commit a disproportionate amount of effort to achieve compliance, particularly if their main business activities require them to control and/or process large volumes of personal data.

An important starting point therefore is make a short but structured assessment to identify:

  • where your key areas of risk might be in terms of the level of compliance with GDPR
  • what the size of the task might be

The output of this initial study will then help to determine what the next steps should be, whether you have the right skills / resources at your disposal, and how best to focus those resources.

EasylifeIT™ GDPR Scoping Audit

EasylifeIT can help by facilitating and documenting this initial information audit.  The primary aim is to identify areas of the business that are likely to process personal data, and in particular any sensitive personal data.

Areas to be assessed very early on in the process of GDPR compliance are typically:

  • Human resources
  • IT (to determine the computerised systems in use and to assess the security and contingency measures in place)
  • Marketing (particularly in terms of analysing how consent is obtained)

Therefore, in order to maximise the value of the audit, decision makers representing each of the company’s key data processing functions would need to be involved in the process.  EasylifeIT’s consultant will spend one day on-site working directly with those nominated decision makers.

GDPR requires organisations to document what personal data they hold, where it came from and who they share it with. Specifically therefore, EasylifeIT’s Scoping Audit will seek to gather information about the following:

  • Names of databases / applications personal data is processed in.  Although this is likely to focus on computerised systems, it would also cover paper based systems if applicable.
  • A description of the purpose for processing that personal data
  • Categories of personal data e.g. name, telephone number, address etc
  • Access from / to third parties e.g. contractors or organisations that process any of the data on behalf of the organisation
  • Hosting location / use of internal or external service providers, particularly if outside of the EU
  • Back-up locations, particularly if outside of the EU
  • Contact details of person in charge of the relationship which covers databases / applications
  • Method of data transfer if outside of EU i.e. appropriate safeguards such as contracts are in place if data is transferred outside of the EU
  • Consent – how the organisation is seeking, obtaining and recording consent
  • Safeguarding – the methods in use to protect against unauthorised or unlawful processing and against accidental or unlawful loss, destruction, alteration, unauthorised disclosure of or access to personal data

In addition, the ICO has also designed a basic tool to help organisations get prepared for the new legislation. It helps introduce some of the concepts companies will need to get to grips with a little later on.  These include: the new rights of individuals, handling subject access requests, consent, data breaches and designating a data protection officer. 

https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/

As part of EasylifeIT’s Scoping Audit, our consultant will also run through this questionnaire with the company’s designated decision makers.  This will provide another useful measure of the company’s current level of GDPR preparedness and the gap (if any) which needs to be closed.  Analysis of this will be included in EasylifeIT’s report which will be provided as part of the Scoping Audit.

Deliverables

A 2 day programme of work, comprising:

  • 1 day on-site working directly with the company’s nominated decision makers from pre-defined key functions
  • 1 day to analyse findings from the on-site data gathering and to produce and deliver a report of findings and recommendations

JAMES ALLISON

James AllisonSTRATEGIC IT CONSULTANT. EASYLIFEIT NORWICH
JAMES IS AN EXPERIENCED AND VERSATILE BUSINESS PROFESSIONAL WHO HAS WORKED ACROSS MULTIPLE SECTORS. HE PROVIDES COMPLEMENTARY SKILLS TO EXECUTIVE TEAMS, ADVISING ACROSS A RANGE OF DISCIPLINES INCLUDING IT STRATEGY, BUSINESS CONTINUITY PLANNING AND IT PROJECT MANAGEMENT

Print Email

How to contact EasylifeIT™

  • Contacting EasylifeIT™ is easy. Call us on 0800 043 9186 (+44 1733 715930) if you would like to speak to one of our team. Alternatively, email This email address is being protected from spambots. You need JavaScript enabled to view it. or complete our short enquiry form.

    Please note that you will be redirected to our secure SSL portal to submit your details and returned when finished

    Contact Form

Strategy and consultancy

Strategy and consultancy
EasylifeIT™ Director
ConceiveIT. A bewildering array of choices; unfathomable jargon. EasylifeIT™ will talk to you in plain English. We will help you make sense of your options and give you the confidence to make good decisions

Read more

Preparation and implementation

Preparation and implementation
EasylifeIT™ Project Manager
ImplementIT. Let us plan, manage and implement the project for you, taking the weight off your shoulders while bringing years of cumulative experience to ensure its success.

Read more

IT SITE MANAGER and support

IT SITE MANAGER and support
EasylifeIT™ Site Manager
ManageIT. Few things are so disruptive to your operations as when the IT misbehaves, and a poorly maintained and managed system is much more likely to go wrong. Delegate this responsibility to easylifeIT™

Read more

IT SECURITY and Cyberessentials

IT SECURITY and Cyberessentials
EasylifeIT™ Security
SecureIT. The use of internet and email has brought enormous benefits, but also considerable risk. Every day there are cyber-attacks against companies just like yours

Read more