You will no doubt be aware that GDPR is not just IT / Cyber related, so the sterling work your IT team are doing will account for around for a 10% of what’s needed. Thinking about the other 90%…
In relation to your Data Protection Officer / nominated compliance person, what tools did you decide to use in order to track the following?
Privacy Activity Logs (PALS),
Privacy Impact Assessments (PIA),
Subject Access Requests (SAR).
If you don’t have an answer for any of these, please get in touch. We can provide you with a solution.