Data protection management (DPM)
The lack of security resources of IT organizations, the rapid shift to cloud computing, compliance requirements, and the rapid rise of threats such as “Frauds” or “Ransomware attacks” remain the most important current security challenges. It is already becoming apparent that there will be massive disruptions in the security ecosystem. This will have a major impact on the industry and also on the requirements and responsibilities of the Chief Information Security Officer (CISO).
Implementation according to EU-DSGVO and BDSG
With our DSM tool, you build a legally compliant data protection management system. You will be guided step by step through all data protection topics – from the creation of the processing directory to the deletion concept to the management of data protection incidents. It goes without saying that it is also possible to maintain related documents. We have already prepared all the reports required to meet the requirements of the GDPR for you.
Baustein | Beschreibung | Umsetzung in GRASP |
Verzeichnis der Verarbeitungstätigkeiten | Dokumentieren Sie die Verarbeitung
personenbezogener Daten. | ✔ |
Datenschutzfolgen- abschätzung | Dokumentieren Sie die Folgenabschätzung einer geplanten Datenverarbeitung. | ✔ |
Maßnahmentracking | Sicherheitsmaßnahmen aus Datenschutzbewertungen, Auditmanagement oder Datenschutzvorfällen. Pflege von technischen und organisatorischen Maßnahmen, die global ergriffen oder aus Datenschutzbewertungen, Audits, Datenschutzvorfällen, etc. resultieren. | ✔ |
Auditmanagement | Auditerstellung, -durchführung, -freigabe und Auswertung für Datenschutzaudit. | ✔ |
Datenschutzvorfälle | Dokumentieren Sie die Anforderungen
aus dem Recht auf Löschung. | ✔ |
Datenschutzanfragen | Legen Sie fest, welche Normen und
Standards anwendbar sind. | ✔ |
Modular assemblable
With GRASP, you can build up your data protection management in a modular way according to your ideas. It offers all the necessary management modules for implementing the General Data Protection Regulation (GDPR) “ex works”. Whether you are a data protection officer or a company owner, GRASP allows you to customize your data protection system. This makes data protection very effective and can be managed by one to a few people.
GRASP at a glance
Download the free flyer with all the important information about GRASP.
Data protection management workflow
- Define applicabilities
- Logging of processing activities
- Perform a threshold analysis
- Perform data protection impact assessment (DSFA)
- Maintain deletion policies
- Manage the measures
- Identify commissioned processors
- Generate audit reports for compliance with DSGVO and BDSG
- Record and handle data protection incidents
