RSM firm: Ireland 
RSM contact: Terry McAdam

Bringing RSM’s ideas and insight – the work we carried out

An engineering consultancy retained RSM Ireland to undertake a review of their data management practices in respect of the outsourced services they provide to a public sector body under an existing contract. Such a third party review was required by their client.

Our consulting team undertook the review required in light of the current national data protection legislation and the upcoming General Data Protection Regulation. 
Our team conducted walk through testing of the existing core processes and mapped the relevant data flows. We also captured the nature of the data managed within the in-scope processes.

We prepared a concise report detailing the issues which prevailed in the processes, their potential impact and our related recommendations to mitigate the risks associated with matters identified. Post the capture of the views of management we presented our report to a Director of the business who shared the document with the public body.

Understanding our client – the benefits

The client and its senior staff now understand their data protection obligations, both current and in the future, and how they are responsible for ensuring compliance is achieved and maintained.

Regarding the scope’s outsourced service provision, RSM presented the organisation with clear recommendations and advice in order to address the shortcomings which became apparent during our review. Working with management, a clear action plan, including timelines, was develped to address the prevailing risks and develop an improved data governance environment.