We are able to provide your organization with a systematic overview of its compliance risks. Our experts are ready to perform gap assessments based on:
- Banking regulations issued by national control authorities;
- Digital platform regulations for alternative transport providers issued by national control authorities;
- Standards such as ISO 27001, ISO 27002, ISO 27005, ISO 22301, ISO 27552, ISO 31000 and more;
- Other specific regulations such as GDPR, eIDAS, PSD2, NIS (and the local equivalent laws) and more.
Generally, our assessment methodology follows the next phases:
Planning phase – setup activities sequence, establish necessary resources, key personnel and gather necessary information;
Execution phase – carry out visits and interviews on-site, perform checks on policies and procedures, test equipment and software, verify security roles;
Reporting phase – analyze collected data, issue and present the Assessment Report.
GP Assessment Report – includes the findings, points out areas of compliance and non-compliance, as well as recommendations for remediation.
Improvement Action Plan – includes a list of activities to be carried out for further improvement. The Action Plan shall be determined based on the severity of the non-compliant aspects identified.
- Systematic overview of your organization’s compliance risks;
- Gap Assessments serves as a critical first step in the development of an overall risk management strategy;
- Acknowledging the compliance risks will help you reduce the exposure to financial and reputational loss.