GDPMS - GRC

Introducing the Global Data Protection Management System (GDPMS)

In a shrinking world with growing data and laws that are now stricter than ever, is your business doing the right things to ensure the safety and protection of the commodity that allows your business to thrive and prosper? Do you know what the reach of the regulators is and the fines that they can impose?

With contact, legislation and sentiment from more than 160 Regulators and Supervisory Authorities, together with the Data Protection Laws of more than 80 countries and an army of qualified Global Data Protection Officers (DPO+G), this Governance, Risk and Compliance System is the world leader.

Built to the International Standard for Information Security (ISO 27002) and the International Standard for Risk Management Systems (ISO 19600), this web-based (SharePoint Online) system is your turn-key global platform for Data Protection and Data Privacy Management.

Designed to work across borders and without geographical limit, you will be able to manage your business regardless of where your data subjects are located, the laws and regulations that protect them, where your infrastructure is located and where your business is registered and run from. Specifically suited to Multi-Nationals and globally diverse businesses that need to comply with multiple jurisdictions, this GRC is the ultimate data protection and data privacy management system.

Features...

A full suite of beautifully authored and fully customizable:

  • Policies for Information Security Management Framework including:

    • Information Governance Council

    • Intellectual Property

    • Record Management

    • Information Security

  • Standards for Information Security including:

    • BYOD (Bring your own device / technology)

    • Change Management

    • Cloud Security

    • Cryptography

    • Data Backup

    • Data Privacy Impact Assessment

    • Disaster Recovery

    • Employee Life-cycle Management

    • End User Protection

    • Information Classification & Handling

    • Information Security Risk & Compliance

    • Acceptable Use

    • Logging and Monitoring

    • Network Security

    • Physical Security

    • Privacy and Personal Data Protection

    • Security Incident Management

    • Third-party Risk Management

    • User Access Management

    • Vulnerability Management

  • Human Resources Management Standard

  • Record Management Standard

  • Social Media Standard

Processes, Procedures and Work Instructions:

  • 50 defined, graphically represented, step-by-step Processes mapped to the controls defined in the standards

  • 45 Work Instructions that detail the steps to achieve the required outcomes for each of the steps in the Processes

  • 50 Supporting documents, Guides, Templates and Instruction documents

  • Business System & Application Management

  • Change Management

  • Contact Management

  • Control Exception Management

  • Cryptographic Key Management

  • Data Classification Management

  • Information Risk Management

  • Mobile Device Management

  • Record Management using International Archivists & Record Managers Association (ARMA) Information & Source of Truth

  • Removed Information & System Asset Management

  • Vendor (& third-party) Management & Assessment

  • White List Application Management

  • Fully automated Task Review Register to ensure that all reviews are completed from weekly to annually without delay.

  • Automated Data Subject Request & Life-cycle Management with email capture

  • Integrated Data Flow Builder and Management - instantly and automatically map data to applications, agreements, processes

  • Integrated Process Flow Builder and Management

  • Data Protection Impact Assessment (DPIA) Management

  • Legitimate Interests Assessment (LIA) Management

  • Integrated User Management

  • Automated Collection Statement & Privacy Notices generation and publishing

  • Instructions to Processors Management

  • Instructions from Controllers Management

  • Legal Compliance and Agreements Register

    • Automatically Generate Controller Agreements

    • Automatically Generate Processor Agreements

    • Automatically Generate Recipient Agreements

  • Regulator Intervention Management

  • Secrecy Undertaking Agreements & Management

  • Data Subject Fee Management

  • Automatically Capture Data Subject Emails and Replies

  • Customizable Data Subject Request Processes and Responses

  • Personal Data Category Management

  • Built-In Record Management (RMS) for Retention Compliance

  • Automated Security Incident Management

    • Automated Regulator Reporting

    • Notifiable Data Breach Management

    • Automated Data Subject Notification

  • Familiar user interface that uses Microsoft Office 365 (SharePoint Online)

  • Publicly accessible Online Forms

  • Country and Location (Region) Data, Global Regulators (laws and impacts) and Record Management Registers are maintained by our team of experts that specialize in these areas.

Add to these features a complete and comprehensive Security Incident and Notifiable Data Breach (NDB) Management and Control System with...

  • Regularly Updated Regulator Requirements for Notification of

    • The Regulator or Supervisory Authority

    • The Data Subjects

    • Credit Reporting Agencies

    • Law Enforcement

  • Automated Notice Generation to all the above parties based on comprehensive rules

  • Automated Workflow to ensure that all reporting and notification tasks are completed as required by the Regulators across all effective regulator jurisdictions

  • Simultaneous notifications to Multiple Regulators based on 

    • Areas of Jurisdictional reach and influence

    • Areas of Data Subject protection

    • Location of Enterprise or Data Breach

  • Comprehensive and detailed Audit Reports on the status of a breach and the notifications involved

  • Laws regarding notification for more than 160 Global Regulators

    • All GDPR Countries

    • All States (with NDB Laws) in the United States

    • *NEW* APRA CPS-234 and Cloud (Third-Party) Management Requirements for Australia (effective 01-JUL-2019)

  • With a single mouse click, immediately identify the types of Data Subjects (and Personal Data Categories) that are affected by a Security Incident based on:

    • Applications that are involved

    • Processing Register Entries

    • Servers affected

    • Type of Incident

    • Regulator rules and Legislative Requirements

    • Data Flow, Consumption and Data Processing 

  • Much More...


Need to know something? Send Us an Email: info.at.dp.services

ALL PRICES ON THIS WEBSITE ARE Euro € unless otherwise stated.

© 2016 - 2019 by GDPR Forensic Limited All Rights Reserved. 

The eu.uk.com star logo and the DPO and CA Seals are Trademarks of GDPR Forensic Limited, unauthorised use is prohibited.
