All Research
Advisory Note
KuppingerCole Maturity Level Matrix for the degree of readiness for implementing EU GDPR (General Data Protection Regulation) requirements. Foundation for assessing the current status and identifying specific measures in your GDPR compliance projects and programs.

1 KuppingerCole Maturity Level Matrix – How to use this document

The EU GDPR (General Data Protection Pro) has significant impact on how organizations can collect, store and process PII (Personally Identifiable Information. It applies to all organizations that do business with EU resident people, regardless of where these organizations reside and whether they have a subsidiary in the EU. That also applies to services that are free of charge, such as many search engines or social networks. Many organizations have initiated and implemented programs to work towards compliant systems and processes during the past few years.

1.1 Why GDPR readiness and compliance programs need regular reviews

IT systems and business processes evolve to support new use cases, business requirements, and deployment models. During these change processes it is important that compliance with all applicable regulations and especially with the GDPR is continuously ensured and all necessary evidence is collected. Unlike other regulations, there is no regular inspection of compliance with the requirements. Rather, individuals (including customers, employees or other relevant data subjects) and the competent supervisory authorities are able to make enquiries if alleged or actual omissions or offences are to be investigated. However, as yet there is no proof of GDPR compliance as a regular and permanent seal of quality.

However, assessing the quality and maturity of the controls, systems and processes implemented by an organization is essential. Given the level of agility required from business and market requirements this assessment needs to be executed on a regular basis. Continuous improvements are essential to achieve an adequate level of compliance in all key areas of the GDPR.

KuppingerCole strongly recommends regular reviews of the current state of IT projects and programs. This includes the review for maturity in the areas of compliance with regulatory or industry-specific regulations or frameworks. To support such reviews, KuppingerCole provides Maturity Level Matrixes that are specifically targeted to distinct areas of the IT market, in this case, GDPR readiness. The following sections elucidate the KuppingerCole Maturity Level Matrix for GDPR readiness.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use