Business area: Wealth Management

Client Problem:  APS completed a discovery review for 1 of our clients covering GDPR compliance for Data Landscape across the organisation so they could understand progress against current plan and understand potential gaps against GDPR delivery.

APS Approach:  APS principal consultant carried out a 4 week discovery engagement which included reviewing the current governance across the programme, documenting the gaps in the data discovery and implementing a clear critical path plan for data delivery relating to GDPR.

The initial focus was to gain business sign-off on the definition of personal Information, this enabled the client to focus on locating the data stores within the organisation that held personal information. These data stores were then mapped and the flow of data between systems was identified and aligned against the customer journey within the business, so that initial gaps could be pinpointed and ultimately closed. This ensured the client had confidence they knew what personal data they held, what they did with the data and who they shared the data with for progressing into delivery for GDPR compliance.

To support the delivery of the project and future proofing GDPR compliance post May 2018 the consultant advised on the selection of a data discovery tool which will help meet the timelines and also provide savings on time, cost and manual effort pre and post May 2018.

Outcome: APS Principal Consultant handed over to a GDPR Senior Project Manager to run the programme day to day covering detailed plans, regular status reporting and detailed client requirements for the data discovery tool selection.

Key stats:

  • Client is a FTSE 100 company with £85.7bn of client funds under management.
  • Personal Information requirements agreed and signed off by client
  • Legal Basis for processing data documented and embedded into the data landscape workstream