GDPR Compliance

ISM provide a “Compliance in box” toolkit. The toolkit comes with an initial gap analysis, two days' consultancy (on-site) and a post-assessment check.


The ICO, who will enforce GDPR in the UK, can fine companies up to 4% of global turnover or 20,000,000 euros. Although this is the maximum fine, the ICO highly recommends taking steps to avoid technical and organisational risks before the deadline. The toolkit is not designed to be a “silver bullet” for GDPR, in the same way that taking on a book-keeper and accountant does not guarantee compliance with HMRC. It is designed to give companies the tools and capabilities to get compliant without having to spend thousands of pounds on training and implementation.


Pre Assessment

  • Initial gap analysis (sent by encrypted email) 

Day one on-site

  • Gap analysis review
  • Review of GDPR
  • Context of organisation
  • Data discovery (records, retention and protection)
  • Documentation review
    • Data, security and IT policy
    • ICO registration
    • Complaints/data breach procedure
    • Internal/external audits
    • Training policy

Day two on-site

  • Data protection impact assessment
  • Management review
  • Risk and data controls
  • Data protection officer

Post-assessment (off-site)

  • Management review and control implementation check

The Cost

Every package is bespoke to the customer; please contact us for a free, no-obligation quote.