Providing organisations with clarity and confidence on the appropriateness and effectiveness of their operational controls.
With ever-increasing complex regulatory requirements and a continuously evolving technology landscape, our Assurance Services focus on enabling organisations to be compliant, ensuring operations are effectively controlled and identifying and addressing risks. We work closely with you to identify and develop practical and pragmatic solutions.
Our Assurance Services include
Data Protection Health Checks
We provide a targeted Data Protection Health Check service to support all types of organisations and businesses. Our Health Checks provide a structured and informative review of compliance with GDPR and local data protection legislation using a tried-and-tested set of tools tailored to individual business needs.
They focus on both business and IT requirements, looking at what personal information is held and processed and what data protection risks exist, and deliver a bespoke report and plan to allow your business to move towards compliance and ensure you maintain compliance. We deliver three levels of health checks:
- Rapid Review
- Risk-based Health Check
- Full Data Protection Audit
Business Continuity Plan – Gap Analysis and Assessment
Based on ISO 22301, we conduct a detailed gap analysis and assessment of your Business Continuity Plan. Our analysis will enable you to develop an effective business continuity management plan against an internationally recognised standard. We work closely with you to identify weaknesses and areas of concern, manage or minimise your organisational risk, and improve your resilience. Our BCP Analysis and Assessment work will:
- Provide confirmation of business continuity scope
- Identify legal, regulatory and contractual obligations
- Identify gaps in your current plan against ISO 22301
- Identify risks in your current plan
- Provide a framework for the remediation of gaps and management of identified risks
Project Health Checks
The CBO Project Health Check service will significantly improve the outcome of an organisation’s project or programme. It helps organisations that want to deliver projects successfully and prevent financial, reputational or even cultural damage.
Our Project Health Check toolkit has been built on upon industry best practice such as ISO10006:2003, PRINCE2, PMBOK and APM methodologies.
We have three levels of Project Health Checks:
- Ad-Hoc/Rapid Review
Ad-Hoc or Rapid Review: A one-off review that will deliver a Red-Amber-Green (RAG) report status for each project area alongside recommendations for improvements. - Ongoing Project Review & Assurance
Our ongoing review will ensure that a project is in a fit state to progress from one stage to the next, delivering a stage report and recommendations. - Full Project Audit
Our most in-depth project assurance service is designed for high value or high-risk projects and programmes delivering stage-based reviews to provide comprehensive assurance on all aspects of the project at each critical point.
Assurance services articles
Data Protection Health Checks Bringing clarity and confidence to your data protection controls. When processing personal data, it is vital for businesses to ensure that the appropriate safeguards and controls are in place, and that they are effective. This is critical in order to build and maintain customer trust and to avoid both financial […]
Context The General Data Protection Regulation (GDPR) became legally effective from 25 May 2018 in all EU member states with equivalent legislation in Guernsey. The Data Protection (Bailiwick of Guernsey) Law 2017 allowed some deferrals for implementation until May 2019. Through a GDPR Health Check, led by CBO in conjunction with the States of Guernsey […]
Privacy policy on the website updated – Tick Data protection policy updated – Tick Communications sent to staff about data protection – Tick Training rolled out to staff – Tick Cue the sigh of relief on 25th May 2018 as GDPR is done with, right? Not quite… The EU legislation, as well as the local […]
