Bringing RSM’s ideas and insight – the work we carried out
RSM Germany performed a GDPR-readiness check for a leading European aerospace company. The current established organisation and structure with regards to data privacy was reconciled to the future regulatory requirements.
The review assessed the current adjustment activities in light of both the prevailing Data Protection legislation and the pending General Data Protection Regulation.
Our team reviewed the most current procedural directory and conducted respective walk-throughs in order to understand the current processes and data processing activities. Our team also assessed the relevant data flows and respective risks and verified the appropriateness of the mapped technical and organisational actions.
The results were presented in a formalised report as well as in a presentation to the Board of Directors. Detailed observations, recommendations as well as the respective management report formed part of the report while the presentation highlighted our approach and the outcome. Further actions have been discussed with management during the soft close meeting after fieldwork on site.
Understanding our client – the benefits
The data protection officer, senior management as well as the Board of Directors gained an increased understanding of their data protection obligations (current and future) and their respective roles in ensuring compliance is achieved and maintained.
With respect to the in-scope process, the organisation was presented with clear recommendations and work packages which would address the shortcomings identified during our fieldwork. In conjunction with management, a time-bound action plan was agreed to address the risk of an individual’s privacy being impacted during the day-to-day running of the company.