The General Data Protection Regulation requires any organisation processing Personally Identifiable Information (PII) within the EU or exposed to PII on an individual located in the EU to have visibility of the data landscape both internally and with third parties handling data on their behalf. Organisations must comply, with fines of up to 4% of global annual turnover possible in the event of a regulation breach.

3GRC’s approach to the GDPR delivers the necessary visibility and remediation advice to meet and maintain compliance in a cost-effective, visual and timely manner. Maintaining GDPR data takes time and vigilance; 3GRC’s Platform can help to manage and control this process, ensuring you stay compliant and avoid damaging implications to your organisation.


The 3GRC ‘Top down’ approach

3GRC specialise in targeted, efficient and effective compliance. Our ‘top down’ approach allows you to identify, monitor and control your PII GDPR data quickly and easily, assess the potential exposure to a breach and regulate your compliance against the GDPR as you process and acquire new data. Leveraging output from the top down data mapping exercise, an organisation can gain far more targeted and focused validation results. Our proven methodology simplifies the process with four clear steps to follow.

1. GDPR Readiness Assessment

The 3GRC GDPR readiness assessment is designed to help organisations understand and identify how they compare with the GDPR regulation. Whether you are compliant or working towards compliance, this assessment is extremely useful for both internal and external use. The report gives detailed insight into your organisation’s and third parties’ GDPR compliance status, generating risks for areas that need further investigation or remediation. This enables you to assess or reassess regularly, ensuring you are always meeting GDPR requirements.

All assessment content has been created in line with the UK’s Information Commissioner’s Office (ICO) and is regularly reviewed by our senior Governance, Risk and Compliance (GRC) consultants and external data privacy lawyers to ensure the content remains current and appropriate.

3GRC are offering a free GDPR Readiness Assessment which can be used as a way to validate effectiveness if you have already begun or completed your compliance programme.

2. Data Mapping Assessment

Data Mapping Assessments identify where data regulated by GDPR exists within an organisation. They provide a clear picture of how data comes in, how it is used and stored, who it is shared with outside the organisation, as well as the nature of the data.

The 3GRC platform allows organisations to conduct scheduled assessments to identify data flows and create a data asset inventory. A risk register is automatically generated highlighting key risk areas. Leveraging automation and consistent risk creation across the organisation provides fast and efficient results in a centralised platform allowing you to monitor and control your compliance levels.

3. Data Privacy Impact Assessment

The information highlighted by the Data Mapping Assessment allows organisations to conduct a Data Protection Impact Assessment (DPIA) process focused and targeted to the most sensitive data and business processes with the highest risk.

The assessment within The 3GRC Platform will evaluate the origin, nature and severity of the potential risk to the rights of EU individuals and then provide recommendations to mitigate identified risks ensuring future compliance with GDPR. An effective DPIA will allow organisations to identify and remediate issues at an early stage in a project or asset implementation, reducing the associated costs and reputation damage which might otherwise occur.

4. Data Discovery

A data discovery exercise is required to validate the identified business intelligence gained from the previous Data Mapping and DPIA processes. 3GRC have extensive knowledge of tools that can be used to identify data at rest, on premises and in the Cloud. Using information gathered during the data mapping phase of the 3GRC programme, our consultants can advise on the configuration of such tools to accurately identify data.

Contact us today

For more information or to arrange a free demonstration of the 3GRC platform, please contact us today.





Arrange a free trial today

Contact us for a free demonstration of the 3GRC platform. We’ll show you how we can automate, simplify and centralise your risk and compliance management.
