Consultancy

OSP Group are the only Scottish company that has been externally assured by APMG International under the NCSC Certified Training Scheme for Data Protection. This reflects our pragmatic and holistic approach and our ability to integrate Data Protection measures into your global sales and marketing operations. This demonstrates our credibility and quality assurance within the Data Protection & Cyber Security sector.

Data Protection & GDPR Consultancy

Using an external advisor can make the challenge of preparing for and complying with Data Protection and GDPR more efficient and effective. Our consultants and advisors can bring a different perspective and bring new insights based upon experience from multiple sectors. OSP work with our clients to develop a service uniquely appropriate to their needs whether an audit or an interactive workshop, which combines audit techniques with awareness training for small groups on the Data Protection implications of their work.

Our findings are reported quickly to clients in clear, accessible, language. We have a wealth of Data Protection tools and standards to quickly remedy any shortfall in clients materials ensuring they have the best possible defences when dealing with Data Protection compliance.

GDPR Organisational Discovery Assessment

The GDPR Accountability Principle (Article 5(2)), makes preparation and compliance a board issue. This requires a strategic approach to enable governing bodies to strategically align Data protection and GDPR across your organisation. This starts with GDPR Organisational Discovery, a short but strategic assessment of your compliance and the development of a high-level roadmap to compliance. We have vast experience to support your needs in this discovery phase.

Data Protection Impact Assessment

Most organisations will conduct a Data Protection Impact Assessment(s) (DPIAs). This can be a daunting task, OSP can provide a methodology, training and consultancy to help you carry out one or more DPIAs. Our method is to take a contextual risk based approach using the Data Protection impact assessment (DPIA) process as the starting point to develop a comprehensive and tailored solution that will work for you.

The development of measures to address the risks and to demonstrate compliance, or Risk Treatment Plan will be focused on providing a capability, that allows you to Identify, Protect, Detect, Respond & Recover Personal data. All of these measures are in accordance with best practice for Data Protection & security by design and by default, within the guidance from the ICO and National Cyber Security Centre (NCSC).

The Risk Treatment Plan which will be developed will include the provision of some standard policies and procedures which can be configured to your company as a set of recommendations for security measures.

Outsourced Data Protection Officer

OSP recognise that the Data Protection Officer (DPO) plays an important role in advising the senior leadership team on current policy and risk management, as well as determining future policy. OSP can provide the complete outsourced DPO which will be tailored to your needs and budget.

OSP understand that complying with the requirements of the UK Data Protection Act (DPA) and GDPR can be demanding. We are here to take the pressure off and allow you to focus on your core business. The DPO service provided by OSP is designed with you and to meet your needs. Whether you have a statutory requirement to appoint a DPO or you just want some advice and guidance, we can help to ensure that you meet the requirements of the DPA and GDPR in a cost effective way.

Our DPO Services Provides:

Assistance to monitor internal compliance, inform and advise on your Data Protection obligations.
Advice regarding Data Protection Impact Assessments (DPIAs) and act as a contact point for data subjects and the supervisory authority.
An expert in Data Protection, adequately resourced, to report to the highest management level.
Help to demonstrate compliance and accountability.

Outsourced Chief Information Security Officer (CISO)

The Outsourced Chief Information Security Officer (CISO) service is designed to assist you in developing and maintaining a long-term sustainable strategy for information assurance and security within your organisation. The role of a CISO is complex, requiring considerable business and technical experience to balance business risk with environmental and financial objectives successfully – while also considering business constraints and organisational culture. SME organisations are frequently unable to dedicate in-house resources to address their information security challenges.

With the guidance of our Chief Information Security Officer, your organisation can do the following:
Senior management presence in the organisation with regards to Information Security
Meet globally accepted best practices whilst performing continual improvement activities
Advice and counsel to management on budget and resourcing requirements for security activities.
Costing savings as there is no need to hire full time employees.
Optimise technology providing technical expertise using the knowledge of our partnership pool

Speak to one of our Industry Experts FREE, to understand your needs under GDPR, register today to arrange your call.

[email protected]

Watch a short video explaining GDPR