IAPP GDPR
Readiness
Assessment
Quick Start Guide
April 2016
IAPP GDPR Readiness Assessment
Overview
The IAPP and TRUSTe have partnered to provide a comprehensive online assessment
tool to help companies assess their readiness to meet the requirements of the GDPR.
The IAPP GDPR Readiness Assessment is available via a special single user version of
TRUSTe Assessment Manager created for IAPP members. The assessment consists
of more than 60 questions mapped to the key requirements of the GDPR. After you
answer the questions, you will receive a report summarizing your responses along
with recommended remediation steps for items which are not consistent with the
regulation.
You should plan on spending one hour on your first GDPR Readiness Assessment. It
could take longer depending on the amount of follow up required and the answers
you provide. Fortunately you can always leave your project and return right where
you left off at any time. By following this simple Quick Start Guide you’ll be up and
running in no time.
Register your account
IAPP members can visit iapp.org/truste-gdpr to register. You’ll need to provide First
Name, Last Name, Company Name, and the email address where your temporary
account activation code will be sent.
You then receive an activation code along with a link. Click on the link and go
directly to the activation page where you’ll be prompted to select your password.
Once you do this you’re logged in, and ready to get started.
Returning users can go directly to https://login-iapp.truste.com/.
Set up your Assessment
Start your first assessment by clicking the “Start Assessment” button. It’s easily
found on the Welcome Page screen.
This is a streamlined, single user product optimized to do a GDPR readiness
assessment. Consequently the set up options are straightforward.
Click the “Upgrade Link” in the product navigation menu to learn more about
accessing additional functionality such as having multiple respondents and
approvers, assessment template customization, scheduling and more.
1.
Choose the EU General Data Protection Readiness Assessment template.
2. Assign a project name.
3. The project owner is you.
4. You can choose to add a description. This will help you identify this project
within the email notifications and among others in your assessment project
library.
5. Respondent selection is defaulted to you. This is the person who will answer
questions and provide evidence when requested.
6. Scope selections are optional fields that support filtering, reporting and
program management capabilities for heavy users.
7. Because you are the only user, Scheduling and reminder functionality have
been disabled. You can ignore this field.
8. Set up is complete. Click Next and begin your assessment.
Answer Assessment Questions
Beginning with the very first question your answers are captured in the project
report and can be previewed at any time!
There are more than 60 questions to answer to complete the assessment. Follow up
questions can make it longer. In a best case situation this would take about an hour
to complete. Answers can be saved, so you can log out and return later.
You can access a preview of your assessment report at any time by clicking the
Assessments tab in the top menu navigation, or by clicking Preview Report at the
bottom end of each survey section.
When you complete the survey, hit Submit and the assessment will move into the
Review Phase.
Review Gap Analysis
1.
Go to the Assessment tab, locate your project, and click to open it.
2. Click on the Assessment Result tab on the left of your screen to view
results.
3. You will see the questions of the assessment, broken into sections.
Questions with a green check mark status
the anticipated response.
are flagged as having
Questions flagged with an orange or red triangle
warrant additional
follow up as the response may not be consistent with the requirements
of the GDPR. Open these questions by clicking the expand button .
Remediate and Approve
1. Choose from several remediation utilities to resolve, change or accept
flagged responses. You can also assign a risk score and add both
comments & evidence.
2. When an issue is resolved, the status indicator will change to a green
triangle
so that it is easily identified as part of your historical record.
3. When all items are green you’re ready to approve.
4. The completed assessment will be saved in your project library. Come
back at any time to review the results or start your next assessment.
Additional Assistance
If you need any assistance in using the IAPP GDPR Assessment then contact
[email protected].
To find out about additional features such as adding other users to your
account, accessing more templates and reassigning questions - click on
“Upgrade” in the navigation bar.