The EU’s General Data Protection Regulation (GDPR) goes into effect today, imposing strict security requirements on any company worldwide that handles the personal data of EU residents. Qualys Security Assessment Questionnaire (SAQ) – a Qualys app that helps you with this type of procedural risk assessment -- has been enhanced with new GDPR-specific templates.
Assessing procedural controls can be challenging. However, a huge amount of time and money can be saved if you have out-of-the-box questionnaire templates that you can distribute as is or slightly modify as necessary, instead of having to craft questionnaires from scratch.
This is one of the ways that Qualys SAQ can help you carry out holistic assessments of GDPR procedural compliance and generate reports based on responses.
Each of the seven new questionnaire templates breaks down GDPR requirements into granular detail and helps you assess your business readiness for GDPR compliance:
GDPR Business Readiness Self-Assessment
Designed to identify key areas where operational changes will be required and to assist the organization in prioritizing efforts for the GDPR compliance.
GDPR Data Inventory and Mapping
Helps in assessing the process to identify, locate, classify and map the flow of GDPR-protected data.
GDPR Accountability and Responsibility Assessment
Helps in assessing the process of accountability and responsibility in terms of data governance as per GDPR requirements.
GDPR Data Privacy Assessment in Operations
Focuses on assessing the appropriate technical and organizational measures to protect EU residents’ personal data from loss or unauthorized access or disclosure.
GDPR Third-Party Vendor Assessment
Helps to identify and assess the requirements of the third-party vendors you share personal data of EU residents with.
GDPR Data Incident and Breach Notification Assessment
Helps in the assessment of GDPR’s data breach notification and communication requirements.
GDPR Data Protection and Privacy Impact Assessment
Helps organizations in the assessment of the privacy risks and data protection safeguards of new projects.
With the introduction of these new templates, all you have to do is identify your area of concern and leverage the appropriate template with built-in content for procedural assessments. You can also customize the questionnaires to suit your organization’s specific organizational requirements or workflows.
With the questionnaire responses that you receive, you can generate proof of GDPR compliance with detailed reports.