Reducing risk and reaching compliance


As the GDPR deadline date loomed, one of our clients wanted assurance that their processes and business in general was aligned with the regulation. Challenges they faced, before our recommendation of a review, were: 

  • They didn’t have the internal knowledge or skills to reach compliance themselves
  • Didn't have the resources available to do so, even after educating themselves


One of our GDPR expert management consultant's carried out a 3 day review, identifying: 

  • Key departments and interviewing heads of departments
  • Data flow in and out of the department
  • Looked at where they stored data and specifically personal data

After the audit was carried out, our expert put together a report that summarised the findings, and highlighted significant risk areas. She then provided high level recommendations to improve data security, such as limiting use of personal data in emails, password protecting documents, reducing paper, and using shared drives rather than saving things locally.


  • Increased understanding around the importance of data security
  • Reduced risk in departments
  • Individual awareness just by working with departments, of GDPR requirements

As a result of the findings, it has lead the client to do an overall review of their business processes, in order to make sure actions and processes going forward are aligned with meeting the requirements. 

More on GDPR

Jessy Aspell

Jessy is one of our expert Management Consultant's, with a demonstrated understanding of the principles of change management, project & programme management,...