Everything you need to start your GDPR compliance journey

Expert consultants

Expert consultants

Our certified GDPR practitioners have extensive experience in both public and private sectors.

Document review

Document review

We’ll evaluate your key GDPR documentation for a more comprehensive assessment.

Infosec analysis

Infosec analysis

Assess your information security policies and procedures in relation to the protection of personal data.

Expert advice

Expert advice

Our team will support you in your journey to achieving and maintaining GDPR compliance.

GDPR gap analysis at BulletproofGDPR gap analysis at Bulletproof

Get a full picture of your GDPR compliance

Your GDPR gap analysis will start with a series of interviews with key departments in your organisation that handle personal data, such as HR, IT, Sales and Marketing.

These interviews allow our team to assess your current processes and policies against GDPR requirements.


GDPR document review at BulletproofGDPR document review at Bulletproof

GDPR document review included

Unlike many other providers, we will include a full review of up to 20 documents as part of your GDPR gap analysis.

This could include any existing GDPR documentation including policies, procedures, logs and registers.


GDPR gap analysis reports at BulletproofGDPR gap analysis reports at Bulletproof

Get a comprehensive GDPR report

Once your GDPR gap analysis is complete you will receive a detailed, actionable report that contains:

  • A snapshot of your current state of compliance against GDPR compliance
  • Comments and suggestions on how to improve existing GDPR documentation
  • An action plan identifying what needs to be done to address areas of non-compliance

Learn about GDPR gap analysis benefits at BulletproofLearn about GDPR gap analysis benefits at Bulletproof

Benefits of a GDPR gap analysis

Here are just some of the ways that your business will benefit from completing a GDPR gap analysis:

  • Get an accurate picture of where your organisation currently is in terms of GDPR compliance
  • Grow your understanding of the GDPR with the help of our friendly and experienced data protection consultants
  • Highlight issues with your current processes and learn how to address them
  • Identify a clear path forward for establishing a compliance framework
Get a quote today

GDPR compliance staff at BulletproofGDPR compliance staff at Bulletproof

Why choose Bulletproof?

Our consultancy team is made up of certified GDPR practitioners and data privacy experts. We help businesses of all sizes implement and maintain their compliance standards, providing guidance on all aspects of data protection.

We understand that every organisation will be at a different stage of their compliance journey. Our team will work with you to deliver a comprehensive GDPR gap analysis report with actionable findings that are tailored to your company.


Here’s what our customers say about us

Get a GDPR gap analysis quote

Let our experienced GDPR consultants help you get on top of your compliance. Get in touch today.

For more information about how we collect, process and retain your personal data, please see our privacy policy.


GDPR gap analysis FAQs

What is a GDPR gap analysis?

A GDPR assessment is the first step companies need to take on their journey to compliance. The purpose of the gap analysis is to assess an organisations level of compliance to the GDPR requirements, identify areas of non-compliance and provide an action plan to address these. Companies that conduct a GDPR readiness assessment will have a clear plan of what they need to do and how to do it, thus making the journey to compliance easy to understand and straightforward.

Our GDPR assessment involves:
  • Interviewing key staff who handle personal data e.g. IT, HR, Sales, Marketing, Customer Services, Senior Management, existing privacy staff
  • A review of your GDPR related documentation e.g. policies, procedures, logs, registers etc
  • Preparation of a comprehensive report that outlines:
    • Our findings of the current state of compliance against GDPR requirements using a Red, Amber, Green (RAG) status
    • A document review with comments and suggestions on improvements
    • An action plan identifying what needs to be done to address areas of non-compliance

What areas does the GDPR gap analysis cover?

As part of your GDPR gap analysis, our team will cover the following main areas of compliance:

  • Governance
  • Risk management
  • GDPR resourcing
  • The need for a DPO (Data Protection Officer)
  • Roles & responsibilities
  • Scope of compliance
  • Personal data processes
  • PIMS (Personal Information Management System) & ISMS (Information Security Management System)
  • Data subject rights

Who will need to be involved in a gap analysis?

Typically we need to speak to people that head up departments such as IT, HR, Marketing, Finance, Sales, compliance, legal and also anyone who currently has responsibility for privacy. It can also be good to speak to frontline staff that know the day to day job really well as they can often offer insights that managers can’t.

How much time do we need to set aside for the GDPR assessment?

Typically interviews with individuals take in the region of 1-2 hours and we will work around your schedule to find a time that is convenient. We’re happy to book different slots of different days to make it work for you. Occasionally after meetings there may be one or two follow up questions, but we can usually address these via email.

How quickly will I get my GDPR gap analysis report?

Once we have finished interviewing all your team, we will write up the report, which usually takes 1 day and then the report goes through our rigorous QA process to ensure it meets our quality standards. Typically this means you will have your report within 5 working days of the last interview.

What if I have questions or I don’t understand something?

If there are questions about the report, we can address these as part of the catch-up meeting which we normally have a few days after you have the report. If however, your question is urgent, please feel free to contact the consultant who conducted the gap analysis and they will be happy to answer any queries.

What’s the difference between a GDPR gap analysis and a GDPR audit?

The gap analysis is designed for organisations that may have done some bits and pieces around GDPR but don’t have an established compliance framework/programme in place. It’s really for those organisations who are starting on their journey to compliance. An audit is for those organisations who have put in place a framework/personal information management system and who want to carry out regular checks to make sure it is still operating as envisaged.

GDPR gap analysis resources

Our experts are the ones to trust when it comes to your cyber security

CREST approvedCREST approvedCREST approved
Payment card industry data security standardPayment card industry data security standardPayment card industry data security standard
ISO 27001 certifiedISO 27001 certifiedISO 27001 certified
ISO 9001 certifiedISO 9001 certifiedISO 9001 certified
Government G-Cloud supplierGovernment G-Cloud supplierGovernment G-Cloud supplier
Crown commercial service supplierCrown commercial service supplierCrown commercial service supplier
Cyber EssentialsCyber EssentialsCyber Essentials
Cyber Essentials PlusCyber Essentials PlusCyber Essentials Plus