Advisory Note

Maturity Level Matrix for GDPR Readiness

KuppingerCole Maturity Level Matrix for the degree of readiness for implementing EU GDPR (General Data Protection Regulation) requirements. Foundation for assessing the current status and identifying specific measures in your GDPR compliance projects and programs.

Matthias Reinwarth

mr@kuppingercole.com

1 KuppingerCole Maturity Level Matrix – How to use this document

The EU GDPR (General Data Protection Regulation) has a significant impact on how organizations can collect, store and process PII (Personally Identifiable Information). It applies to all organizations that do business with EU residents, regardless of where these organizations reside and whether they have a subsidiary in the EU. That also applies to services that are free of charge, such as many search engines or social networks. Many organizations have initiated and implemented programs to work towards compliant systems and processes during the past few years.

1.1 Why GDPR readiness and compliance programs need regular reviews

IT systems and business processes evolve to support new use cases, business requirements, and deployment models. During these change processes it is important that compliance with all applicable regulations and especially with the GDPR is continuously ensured and all necessary evidence is collected. Unlike other regulations, there is no regular inspection of compliance with the requirements. Rather, individuals (including customers, employees or other relevant data subjects) and the competent supervisory authorities are able to make enquiries if alleged or actual omissions or offences are to be investigated. However, as yet there is no proof of GDPR compliance as a regular and permanent seal of quality.

However, assessing the quality and maturity of the controls, systems and processes implemented by an organization is essential. Given the level of agility that business and market requirements demand, this assessment needs to be executed on a regular basis. Continuous improvements are essential to achieve an adequate level of compliance in all key areas of the GDPR.

KuppingerCole strongly recommends regular reviews of the current state of IT projects and programs. This includes the review for maturity in the areas of compliance with regulatory or industry-specific regulations or frameworks. To support such reviews, KuppingerCole provides Maturity Level Matrixes that are specifically targeted to distinct areas of the IT market, in this case, GDPR readiness. The following sections elucidate the KuppingerCole Maturity Level Matrix for GDPR readiness.

