Assessment & Report activities- Gap Analysis
A legal-tech analysis is made in order to assess and determine the profiles of privacy impact of the legal entity.
At the end of the evaluation, a final report is created. The report indicates the emerging critical issues and the actions to be performed in order to realize the following privacy compliance.
The purpose of this phase is double: on one side is to map the flows, the individuals, the categories of data involved in the existing processing of personal data; on the other side is to obtain a valid and comprehensive parameter to properly structure the following work to ensure compliance.
In this phase of the activity, for example, the organization’s degree of correspondence to the security standards required by law are verified, in addition to the adequacy of the existing documents and the technical and organizational precautions adopted in the light of the legal requirements.
Through this first step, it is then possible to provide a complete map of the critical issues en analyzed and a clear framework of the actions and activities to be done.
Usually, at the end of the assessment, the updated list of the individual tasks for reaching compliance is proposed, a list that will be tailored on the circumstances detected and the potential necessities expressed by the Client.