Assessing procedural controls can be costly and time-consuming. However, these new out-of-the-box cloud-based SAQ questionnaire templates give audit teams the ability to drastically reduce the spend and labor required to assess both high-level and specific elements of GDPR readiness. Instead of having to craft questionnaires from scratch, teams can distribute the questionnaires as-is or slightly modify each as necessary, and then use questionnaire responses to generate proof of GDPR compliance with detailed reports.
"The GDPR has three dimensions: legal, procedural and technical," according to Gartner. "In terms of implementing the GDPR data protection principles, technology is the primary enabler, providing solutions, repeatability and scalability."1*
SAQ will also offer customers a single dashboard from which to launch GDPR campaigns, manage new GDPR templates, and manage risky third-party vendors. This new tool will simplify the execution and management of GDPR vendor risk assessments by saving time and effort. With a single pane of glass for all GDPR-related assessments, customers can launch new GDPR assessments using the SAQ templates within a matter of minutes and a few clicks. Information on the status and aging of all assessments, vendor risk data along with risk scoring will be available on this dashboard.
"GDPR is a major turning point for organizations, and has incentivized them to accelerate their digital transformation efforts as well as build stronger businesses that can thrive and build trust with customers into the next decade," said
Each of the seven new questionnaire templates spells out GDPR requirements in granular detail and helps teams assess their business readiness for GDPR compliance:
- GDPR Business Readiness Self-Assessment: Designed to identify key areas where operational changes will be required, and to assist the organization in prioritizing efforts for GDPR compliance.
- GDPR Data Inventory and Mapping: Helps in assessing the process to identify, locate, classify and map the flow of GDPR-protected data.
- GDPR Accountability and Responsibility Assessment: Helps in assessing the process of accountability and responsibility in terms of data governance as per GDPR requirements.
- GDPR Data Privacy Assessment in Operations: Focuses on assessing appropriate technical and organizational measures to protect EU residents' personal data from loss or unauthorized access or disclosure.
- GDPR Third-Party Vendor Assessment: Helps to identify and assess the requirements of third-party vendors with which you share personal data of EU residents.
- GDPR Data Incident and Breach Notification Assessment: Helps in the assessment of GDPR's data breach notification and communication requirements.
- GDPR Data Protection and Privacy Impact Assessment: Helps organizations in the assessment of the privacy risks and data protection safeguards of new projects.
SAQ GDPR-specific templates are available to customers today. The SAQ GDPR-specific dashboard will be available to customers in August.
Qualyson LinkedIn and Twitter
- Read more about the Qualys Cloud Platform
- Read about Qualys SAQ
- Read more about Qualys GDPR Solutions
1Gartner, A Technical Solution Landscape to Support Selected GDPR Requirements,
*NOTE: This document, while intended to inform Gartner clients about the current data privacy and security challenges experienced by IT companies in the global marketplace, is in no way intended to provide legal advice or to endorse a specific course of action.
News Provided by Acquire Media