The tool that leads to GDPR compliance

GDPR compliance manager for your existing IT environment

The GDPR requires businesses to demonstrate, through documentation, that they are complying with the rules and guidelines. This is exactly what a compliance manager helps you to do. In the tool, you can document all the procedures and processes in your company that must be in place for your company to comply with the regulations.

There are a number of tools available for GDPR compliance, and Microsoft's compliance manager is largely tied to its own cloud services for Office 365, so it is advantageous to use if you are already a user of these services.

All parts of the regulation are divided into sections in your compliance manager and in a section you can also find the text of the regulation itself. You will receive a score based on what you have and have not done to comply with the GDPR requirements.

Just by collecting all the data in Microsoft's cloud services, you have already fulfilled 71 out of 118 steps in Microsoft's Compliance Manager, and you get solid recommendations on what you need to do to fulfill the remaining 47 points. You then fill in what you have done to ensure this. You can also create links to documents that describe each procedure, so that not everything needs to be written directly in the tool.

The difference between a GDPR compliance manager and an assessment tool

We have previously discussed how you can use an assessment tool to determine the extent to which an organization has taken the necessary steps to comply with the GDPR. The main difference between an assessment tool and a GDPR compliance manager is that an assessment tool only asks the question: "Do you have a procedure for [...]?". The answer to this question is either yes or no. An assessment tool only gives you an overview of the situation. A road map of what you need to address based on your shortcomings.

In your Compliance Manager, you can read the text of the regulation, get recommendations on what to do, document the actions taken and the procedures in place for each point and section. This helps you avoid having to create all the heavy documentation required from scratch. The work you have done in your assessment tool will help you see where to start working with your compliance manager. That is - in the areas where there are the most deficiencies.

If you do not use a GDPR compliance manager

If you don't use a GDPR compliance manager, it can be difficult to know where to start working. GDPR is a comprehensive regulation and not having a starting point makes it much more difficult to get started. Common questions that arise in this situation are:

• Where should we collect the documentation?
• How can we keep track of what is done and what is not?
• Should we have to read the text of the regulation from top to bottom to understand what needs to be done?
• How will you follow up and ensure that you remain compliant in your day-to-day work?

A GDPR compliance manager has everything in black and white and can guide you through the process and make recommendations.

Microsoft's compliance manager is the basis of our GDPR hub. There we have gathered the technical tools available to ensure compliance. The solutions included in the hub mean that your compliance manager will already be filled in where a technical solution meets the GDPR requirements.

Want to know more about Microsoft's Compliance Manager or our GDPR Hub? Get in touch!