Top 20 Global Asset Management Company
Xcina Consulting was approached by a large, global asset management company to help them understand the data protection compliance position within their complex operating environment.
The work was broken down into two work streams, namely a data mapping exercise and a data security review.
The data mapping exercise included identifying:
- All the jurisdictions in which the client
- Primary, secondary and tertiary sites.
- Key systems / applications (including
those that are cloud-based).
- Types of personal data processed by each
- Significant legislation and regulation
pertinent to data protection in each
The data security review focused on:
- Aspects of IT security.
- Third party management.
- Governance related to data protection
policies, procedures, controls and
- Backup, storage, restore and disposal of personal data.
How we helped
We identified multiple control gaps and provided prioritised recommendations for improvement.
Additionally, we provided the insight to help our client understand how the EU General Data Protection Regulation would impact them globally.
As a result of the data mapping and data security review, it was deemed
that our client would benefit from the implementation of a robust Data Protection framework, which we also led.