Data protection management (DPM)
The lack of security resources of IT organizations, the rapid shift to cloud computing, compliance requirements, and the rapid rise of threats such as “Frauds” or “Ransomware attacks” remain the most important current security challenges. It is already becoming apparent that there will be massive disruptions in the security ecosystem. This will have a major impact on the industry and also on the requirements and responsibilities of the Chief Information Security Officer (CISO).
Implementation according to EU-DSGVO and BDSG
With our DSM tool, you build a legally compliant data protection management system. You will be guided step by step through all data protection topics – from the creation of the processing directory to the deletion concept to the management of data protection incidents. It goes without saying that it is also possible to maintain related documents. We have already prepared all the reports required to meet the requirements of the GDPR for you.
Module | Description | Implementation in GRASP |
Register of processing activities | Document the processing of personal data. | |
Data protection impact assessment | Document the impact assessment of planned data processing. | |
Action tracking | Security measures from data protection assessments, audit management or data protection incidents. Maintenance of technical and organizational measures taken globally or resulting from data protection assessments, audits, data protection incidents, etc. | |
Audit Management | Audit creation, execution, approval and evaluation for data protection audit. | |
Data protection incidents | Document the requirements arising from the right to erasure. | |
Data protection inquiries | Determine which norms and standards are applicable. |
Modular assemblable
With GRASP, you can build up your data protection management in a modular way according to your ideas. It offers all the necessary management modules for implementing the General Data Protection Regulation (GDPR) “ex works”. Whether you are a data protection officer or a company owner, GRASP allows you to customize your data protection system. This makes data protection very effective and can be managed by one to a few people.
Data protection management workflow
- Define applicabilities
- Logging of processing activities
- Perform a threshold analysis
- Perform data protection impact assessment (DSFA)
- Maintain deletion policies
- Manage the measures
- Identify commissioned processors
- Generate audit reports for compliance with DSGVO and BDSG
- Record and handle data protection incidents