GDPR Program

Client Needs & Objectives

As part of the new Global Data Protection Regulation, our client needed an assistance to plan and pilot its GDPR program through its branches in France, the Netherlands, Germany, Italy and Portugal :

  • Perform a gap-analysis between the GDPR requirements local activities
  • Structure the GDPR program (governance, workload, PMO tools)
  • Design a roadmap by project / actions with the expected due date by deliverables
  • Coordinate the different projects locally in the Business Units

Our Approach

  • Analyze GDPR regulation according to the bank specificities and identify all requirements in coordination with local legal departments
  • Assess the workload and identify the resources requirements according to the size of each branch (business activities, structure)
  • Create a governance with the appropriate stakeholders according to the phase of the Program (planning phase vs implementation phase)
  • Create a centralized and shared PMO tool enabling to monitor each actions and associated deliverables
  • Present to the sponsors the different points of arbitration between the loss of  business opportunities & legal requirements if needed

Main Deliverables

Download

Client Benefits & Main Results

Prepare a structured GDPR program with the Business, Compliance, Security, IT and Legal department

Enroll the future DPO into the GDPR program change

Raise awareness at the early-stage of the GDPR Program to the operational teams requiring a contribution to the GDPR change

Address with a close monitoring the transversal topics (Security, Legal & IT)