RSM Australia

GDPR Case study - Online gaming

RSM firm: Malta

RSM contact: Gordon Micallef


Bringing RSM’s ideas and insight – the work we carried out


The impact assessment looked into the existing processes, policies, procedures, structures and identified the gaps to the new regulation requirements. As well as providing the recommendations to address the gaps, we prepared the necessary tool sets to address a number of areas as part of our deliverables:


  • inventory of data sets, processes, and ownershipGDPR case study - Online gaming
  • third-party privacy questionnaire
  • checklist to evaluate third-party contracts against privacy obligations
  • information system security questionnaire relevant to privacy obligations
  • consent inventory
  • data protection policy
  • incident response procedure
  • data archiving and retention policy

Understanding our client – the benefits


The primary benefit is that the organisation will have a clear picture where it stands in terms of compliance to the new regulation, and what action is necessary to address the gap through a detailed action plan. The objective of delivering a number of tools as part of our engagement is to continue providing management services for GDPR compliance on an ongoing basis once the regulation comes into force in May 2018.



More GDPR case studies >>