Case Study: ASSA ABLOY HKC

Background

Our client ASSA ABLOY, a multinational leader in building access management was in the process of acquiring HKC a market leader in alarm equipment based in the Republic of Ireland. Metataxis had worked with the ASSA ABLOY previously to help them establish a GDPR programme so when they needed to assess their new acquisitions’ data protection readiness, they approached us.

Requirements

Our client asked us to assess the new company’s compliance with GDPR and data protection requirements. This needed to be done quickly and effectively in alignment with tight acquisition timelines. ASSA ABLOY also required HKC to align their policies, procedures, and practices with their own internal data protection compliance programme. As part of an acquisition process this needed to be done with some sensitivity to the operational and cultural requirements of both companies.

Approach

    • Benchmarks

      We assessed HKC’s personal data management against KPIs based on ASSA ABLOY group policies.

    • Scalable solutions

      We took the GDPR programme of ASSA ABLOY, a global company and scaled it to suit the business, compliance, and risk management needs of the smaller specialist business.

    • Gap analysis and action plan

      Based on benchmark results we completed a gap analysis and an action plan.

    • Data process flows

      We worked with HKC to identify personal data holdings and data process flows.

    • Record of Processing Activities (ROPA) and Retention Schedule

      We mapped personal data processes to the ASSA ABLOY ROPA and assets to be added to the Retention Schedule.

    • Guidance and tools

      We created reusable and scalable assessment tools and provided guidance for ASSA ABLOY to use for measuring the compliance of future acquisitions.

Results

Our work provided ASSA ABLOY with the timely assurance they needed that HKC did not carry significant data protection liabilities. We were able to find a way to bring a smaller specialist company in alignment with a large multinational group that was compatible with the requirements of both businesses.

We worked closely with our client, providing guidance and resources on how to assess new acquisitions so that they had the self-sufficiency to carry our methods forward independently. Our client really valued the knowledge that we shared with them to help them manage future acquisitions. ASSA ABLOY now have the skills and knowledge to align future acquisitions to their group programme.

Other Case Studies