Reviewing documentation (e.g. policies and procedures)
Attending client sites to monitoring work practice compliance
Providing training/raising awareness about data protection issues/priorities
Undertaking or advising on DPIAs, security incident investigations, or rights requests
Advising on processor contracts and sharing agreements, Data Processing agreements, scope from Information Security side and Risk evaluation and remediation
Data Controller and Data Processer/sub processer agreements review from Data privacy and information security perspective
Undertaking periodic compliance audits
Submitting periodic compliance assurance reports to senior management
Liaison with and representing the client to the ICO and data subjects
Testing information security controls (Firewall, WAF, DDOS, IAM, EC2, LB, S3, Pen Testing Contracts and Tools)
Information asset registers
Appropriate privacy information
Personal data breach logs
Data subject rights request logs
Information risk register
Other elements of the information governance framework
Liaison with legal counsels, cyber security and IT professional to map technology, people and processes with GDPR and Privacy Laws
Report of all assessment and gaps in technology, privacy and info security area with execution plan