GDPR gap analysis

Take your first step towards compliance with a comprehensive GDPR assessment that easily outlines your next steps.

Trusted GDPR Compliance Services

CREST approved
PEN TEST approved
Offensive Security OSCP
ISO 27001 Certified
Cyber Essentials Certification
Cyber Essentials Plus Certification

Get a fast GDPR gap analysis quote

Everything you need to start your GDPR compliance journey

Expert consultants

Our certified GDPR practitioners have extensive experience in both public and private sectors.

Document review

We’ll evaluate your key GDPR documentation for a more comprehensive assessment.

Infosec analysis

Assess your information security policies and procedures in relation to the protection of personal data.

Expert advice

Our team will support you in your journey to achieving and maintaining GDPR compliance.

GDPR gap analysis at Bulletproof GDPR gap analysis at Bulletproof

Get a full picture of your GDPR compliance

Your GDPR gap analysis will start with a series of interviews with key departments in your organisation that handle personal data, such as HR, IT, Sales and Marketing.

These interviews allow our team to assess your current processes and policies against GDPR requirements.


GDPR document review at Bulletproof GDPR document review at Bulletproof

GDPR document review included

Unlike many other providers, we will include a full review of up to 20 documents as part of your GDPR gap analysis.

This could include any existing GDPR documentation including policies, procedures, logs and registers.


GDPR gap analysis reports at Bulletproof GDPR gap analysis reports at Bulletproof

Get a comprehensive GDPR report

Once your GDPR gap analysis is complete you will receive a detailed, actionable report that contains:

  • A snapshot of your current state of compliance against GDPR compliance
  • Comments and suggestions on how to improve existing GDPR documentation
  • An action plan identifying what needs to be done to address areas of non-compliance

Learn about GDPR gap analysis benefits at Bulletproof Learn about GDPR gap analysis benefits at Bulletproof

Benefits of a GDPR gap analysis

Here are just some of the ways that your business will benefit from completing a GDPR gap analysis:

  • Get an accurate picture of where your organisation currently is in terms of GDPR compliance
  • Grow your understanding of the GDPR with the help of our friendly and experienced data protection consultants
  • Highlight issues with your current processes and learn how to address them
  • Identify a clear path forward for establishing a compliance framework
Get a quote today

GDPR compliance staff at Bulletproof GDPR compliance staff at Bulletproof

Why choose Bulletproof?

Our consultancy team is made up of certified GDPR practitioners and data privacy experts. We help businesses of all sizes implement and maintain their compliance standards, providing guidance on all aspects of data protection.

We understand that every organisation will be at a different stage of their compliance journey. Our team will work with you to deliver a comprehensive GDPR gap analysis report with actionable findings that are tailored to your company.


Here’s what our customers say about us

GDPR gap analysis FAQs

A GDPR assessment is the first step companies need to take on their journey to compliance. The purpose of the gap analysis is to assess an organisations level of compliance to the GDPR requirements, identify areas of non-compliance and provide an action plan to address these. Companies that conduct a GDPR readiness assessment will have a clear plan of what they need to do and how to do it, thus making the journey to compliance easy to understand and straightforward.

Our GDPR assessment involves:
  • Interviewing key staff who handle personal data e.g. IT, HR, Sales, Marketing, Customer Services, Senior Management, existing privacy staff
  • A review of your GDPR related documentation e.g. policies, procedures, logs, registers etc
  • Preparation of a comprehensive report that outlines:
    • Our findings of the current state of compliance against GDPR requirements using a Red, Amber, Green (RAG) status
    • A document review with comments and suggestions on improvements
    • An action plan identifying what needs to be done to address areas of non-compliance

Typically we need to speak to people that head up departments such as IT, HR, Marketing, Finance, Sales, compliance, legal and also anyone who currently has responsibility for privacy. It can also be good to speak to frontline staff that know the day to day job really well as they can often offer insights that managers can’t.

Once we have finished interviewing all your team, we will write up the report, which usually takes 1 day and then the report goes through our rigorous QA process to ensure it meets our quality standards. Typically this means you will have your report within 5 working days of the last interview.

The gap analysis is designed for organisations that may have done some bits and pieces around GDPR but don’t have an established compliance framework/programme in place. It’s really for those organisations who are starting on their journey to compliance. An audit is for those organisations who have put in place a framework/personal information management system and who want to carry out regular checks to make sure it is still operating as envisaged.

As part of your GDPR gap analysis, our team will cover the following main areas of compliance:

  • Governance
  • Risk management
  • GDPR resourcing
  • The need for a DPO (Data Protection Officer)
  • Roles & responsibilities
  • Scope of compliance
  • Personal data processes
  • PIMS (Personal Information Management System) & ISMS (Information Security Management System)
  • Data subject rights

Typically interviews with individuals take in the region of 1-2 hours and we will work around your schedule to find a time that is convenient. We’re happy to book different slots of different days to make it work for you. Occasionally after meetings there may be one or two follow up questions, but we can usually address these via email.

If there are questions about the report, we can address these as part of the catch-up meeting which we normally have a few days after you have the report. If however, your question is urgent, please feel free to contact the consultant who conducted the gap analysis and they will be happy to answer any queries.


GDPR gap analysis resources


Trusted cyber security & compliance services from a certified provider