We assessed HKC’s personal data management against KPIs based on ASSA ABLOY group policies.
- Scalable solutions
We took the GDPR programme of ASSA ABLOY, a global company and scaled it to suit the business, compliance, and risk management needs of the smaller specialist business.
- Gap analysis and action plan
Based on benchmark results we completed a gap analysis and an action plan.
- Data process flows
We worked with HKC to identify personal data holdings and data process flows.
- Record of Processing Activities (ROPA) and Retention Schedule
We mapped personal data processes to the ASSA ABLOY ROPA and assets to be added to the Retention Schedule.
- Guidance and tools
We created reusable and scalable assessment tools and provided guidance for ASSA ABLOY to use for measuring the compliance of future acquisitions.
Our work provided ASSA ABLOY with the timely assurance they needed that HKC did not carry significant data protection liabilities. We were able to find a way to bring a smaller specialist company in alignment with a large multinational group that was compatible with the requirements of both businesses.
We worked closely with our client, providing guidance and resources on how to assess new acquisitions so that they had the self-sufficiency to carry our methods forward independently. Our client really valued the knowledge that we shared with them to help them manage future acquisitions. ASSA ABLOY now have the skills and knowledge to align future acquisitions to their group programme.