Customer pursued CSA STAR certification and a review of the Information Security program to address Investor and customer requirements on information security and cloud security.
Services Delivered
Assessed the readiness and compliance to GDPR requirements for an Insurance company
Studied the legal contracts to identify requirements on privacy and security controls
Identified additional privacy and security control requirements mandated by GDPR, if any, to be incorporated into contracts
Conducted a Gap Analysis on the existing data protection practices (documentation, process and technology controls) against GDPR and provide a Gap Assessment report.
Provided recommendations for remediation for each identified gap
Conducted Privacy Impact Assessment, identified personal information and corresponding impact due to a breach
Developed policies and procedures to meet security requirements outlined by GDPR
Developed training content on GDPR requirements
Value Provided
Conducted a comprehensive assessment against GDPR requirements
Identified risks and corresponding remediation measures required to ensure compliance with contractual obligations and internal requirements
Developed policies and procedures to meet GDPR control requirements
Provided guidelines and support as part of implementation support
