GDPR QuickStart Assessment

Find out what’s required to achieve GDPR (General Data Protection Regulation) compliance with this consultative service. 

Total’s GDPR QuickStart Assessment will help to identify what’s required to be compliant, obtain the buy-in of key stakeholders and build the business case for remedial works. You benefit from the knowledge of an independent expert and a prioritised set of recommendations to put you on the road to GDPR compliance. 

Why would you want it?

On 25 May 2018 the new General Data Protection Regulation (GDPR) comes into operation, replacing the Data Protection Act (DPA) 1998. While the fundamental principles are similar, GDPR is far more onerous and is expected to be proactively enforced through audits and punitive fines.

As the UK Information Commissioner’s Office warns: “It is essential to plan your approach to GDPR compliance now and to gain ‘buy in’ from key people in your organisation. You may need, for example, to put new procedures in place to deal with the GDPR’s new transparency and individuals’ rights provisions” (March 2017).

Total’s GDPR QuickStart Assessment is designed to help you:

  • identify the work required to achieve compliance

  • obtain the support of senior stakeholders
  • build the business case for the resources required to achieve compliance.

Specifically you will benefit from:

  • the expertise of an experienced, GDPR and IT Governance certified consultant

  • an independent assessment of your GDPR shortcomings
  • the engagement of all key stakeholders
  • a report providing a clear set of findings and prioritised actions
  • the foundation for a successful programme of compliance achievement, encompassing process, policy and technology.

What Total do

The GDPR QuickStart Assessment functions both as a stand-alone piece of fact-finding and advisory consultancy and as the first stage of a complete programme of GDPR compliance consultancy.

The GDPR QuickStart Assessment is a fixed price, four-step process focused on the needs of single organisation with a common security policy. For groups of companies and/or organisations with multiple policies multiple assessments are typically required.

1 Planning workshop
Service delivery commences with a half day planning workshop, typically based around a con-call with key stakeholders (see below) from your organisation, to agree objectives and plan service delivery.

2 Fact-finding workshops
The lead consultant conducts a series of day-long workshops with executive, operational and business stakeholders to understand your organisation’s current data protection processes, policies and technology. These require the active participation of key stakeholders in order to identify all areas of GDPR exposure. Stakeholders are:

  • the executive sponsor (typically a MD/CEO or FD/CFO)
  • the operational owner (typically IT management)
  • business services owners – management from the departments controlling or processing personal data (typically HR, finance, marketing, e-commerce and customer loyalty/services)

3 Analysis and interpretation
Following analysis and interpretation of the information gathered, the consultant presents key findings in a RAG-graded report.

4 Presentation of findings
Face-to-face presentation of the assessment’s findings and discussion of required actions. 


Successful service delivery requires:

  • an executive (board level) sponsor

  • the participation of all relevant stakeholders
  • open and honest disclosure. 

Why Total?

Total uses a specialist practice of expert GDPR consultants to deliver the GDPR QuickStart Assessment. They have a vendor neutral approach, a proven methodology and are individually certified in GDPR and IT Governance to both a Foundation and Practitioner Level (ISO 17024:2012 Accredited).

Total has both the vendor relationships and the technical capabilities to help you to address any technology requirements the assessment may identify.  

What next?

To learn more contact your account manager, submit the enquiry form below or call us on 0345 647 0000* to arrange an initial conference call with a subject matter expert. Following this you will receive a formal proposal based on your specific requirements.     

Enquire now . . .