Determine where you stand and what actions to take


An annual starting point

Every privacy journey needs a starting point. Only if you know where you stand it becomes clear what measures are needed. During an assessment (or official audit) it is thoroughly tested to what extent your organization meets the requirements of the GDPR. A thorough analysis provides a clear insight and also immediately exposes the points for attention. This way you discover the risks you run in the field of privacy and data protection. An assessment is not a one-time activity. Processes change, knowledge disappears and new systems are introduced. It is therefore recommended to conduct a privacy assessment at least once a year.

An assessment report

How does it work, an audit or assessment? In addition to studying all available documentation, all relevant stakeholders are interviewed. All information resulting from this audit or assessment is tested according to a fixed method against the legal requirements from the GDPR and all other relevant laws and regulations, such as the GDPR Implementation Act and the Telecommunications Act. All findings are translated into clear points for attention and action points for the organization to mitigate possible risks. 

“If you want to seriously tackle privacy and data protection, an assessment is the logical first step to determine what to do.” 

Michael van Staveren – Data protection officer – LL.M CIPP/E

What to expect from us?

DPO Consultancy is the designated partner for an independent and professional assessment or audit. Our experienced privacy experts are aware of all current legislation and regulations – national and international – and master all aspects of good privacy and data protection policies. In addition, they can classify all identified risks and points for attention and translate them into concrete action points that your organization can implement to improve compliance with legislation and regulations. Naturally, they record all aspects of the assessment in a professional report.

The Schrems II judgement and new standard contractual clauses


Step by step data breach protocol


The GDPR, what does it mean for non-EU companies?

White paper