A Data Protection Management Program (DPMP) is a systematic framework to help organisations establish a robust data protection infrastructure. It covers management policies and processes for the handling of personal data as well as defines roles and responsibilities of the people in the organisation in relation to personal data protection. Having an established DPMP helps an organisation to demonstrate accountability in data protection. This provides confidence to stakeholders and fosters high-trust relationships with customers and business partners.
When an organisation “walks the talk” by implementing a robust data protection management program, enhanced trust from stakeholders including customers to engage with that organisation should follow. An organisation that has a strong data protection management program may enjoy an enhanced reputation that gives it a competitive edge.
We base our approach on a 5 step model of
Senior Vice President, Airbus
The primary objective of our DPMP Framework is to provide guidance to organisations and external auditors in managing and assessing whether the organisations data protection compliance objectives are met. Our Framework contains the prescribed control objectives and illustrative controls for data protection privacy assurance assignments based on the following internationally recognised privacy frameworks
In addition, the Framework can be deployed by organisations to assess the adequacy of data protection controls or to determine the extent to which current controls should be adapted to comply with (changing) legislative frameworks.
We tailor our DPMP implementation packages to suit your organisation’s unique requirements, based on the findings of the Gap Analysis. The number of consultancy days an organisation requires varies based on their size and complexity. For businesses who want to make on-going maintenance of Data Protection compliance easier, not to mention help with ad hoc data protection and privacy matters, we can also include data protection officer (outsourced DPO) services. The outsourced DPO is a retainer service that gives your organisation a fixed amount of DPO time per month for independent, expert privacy and data protection compliance advice.