Data Protection Gap Analysis (DPGA)

Meet GDPR requirements by identifying gaps, assessing risks and improving compliance.

What is a Data Protection Gap Analysis (DPGA)?

Sytorus data protection consultants assess where your organisation is in terms of GDPR compliance, while also providing a roadmap for risk mitigation thereafter.

A DPGA involves our expert consultants reviewing the data management practices already in place within your organisation and is based upon the 7 Data Management Principles in the GDPR legislation.

A DGGA is a very comprehensive, thorough means of assessing where organisations are in terms of GDPR compliance and helps them to detect any shortfalls in their data management practices with a key output being the identification and classification of detected risks or gaps with subsequent recommendations to address or mitigate each of them.

Sytorus consultants recommendations will be practical and commercially viable, implementable in a timely manner with minimal disruption to the organisation’s day-to-day business operations.

Why businesses need Data Protection Gap Analysis (DPGA) and why it’s important?


  • Do you know how compliant your organisation is with the GDPR legislation and its 7 Data Management Principles?
  • Can you demonstrate compliance in each of them, all of which carry equal weighting and importance?
  • Are you still struggling with where to start on your GDPR compliance activities?
  • Have you identified all data management practices in your organisation and do you understand the level of risk associated with the processing of personal data that you are acquiring from data subjects?
  • Do you know what to do in the event of a data breach or a request from a data subject who wants to understand what you are doing with their personal data?
  • Can you present to your current and prospective customers how you are managing your Data Protection compliance?

If you answered yes to any of these questions, schedule a consultation with us.

Schedule Consultation

What makes Sytorus Data Protection Gap Analysis (DPGA) different?


The consultant-led approach is ideal for organisations seeking a comprehensive gap analysis. Our data protection consultants can offer objective insight into the potential costs and risks involved in implementing a compliance program.

A DPGA will deliver real benefits and return on your investment (ROI).

The ROI can be realised through:

  • Demonstrate compliance internally & externally
  • Mitigate against the risk of possible reputational damage in the form of Data Breaches
  • Protect brand value
  • Enhanced customer satisfaction & engagement
  • Higher customer retention levels

Sytorus Data Protection Gap Analysis (DPGA) Assessment Approach


The Sytorus DPGA will assess your organisations compliance with reference to the 7 Data Management Principles of the GDPR.

  1. Fair, Transparent & Lawful Processing
    Are you acquiring personal data in a fair and transparent way and do you have a legal basis to have it in the first place?
  2. Purpose Limitation
    Do you only use the personal data for the purpose that you specified to the data subject?
  3. Minimisation of Processing
    Are you collecting too much personal data from data subjects?
  4. Data Accuracy & Quality
    How accurate and up-to-date is the personal data that you hold on data subjects?
  5. Retention/Storage Limitation
    Are you keeping personal data for too long?
  6. Security & Confidentiality
    What physical and IT security measures do you have in place?
  7. Accountability & Liability
    Can you demonstrate pro-active compliance in all data management principles?

Our team of experienced consultants will work with you to identify the most suitable interview candidates for the assessment, ensuring a cross section of your organisation is selected so your risk profile is fully identified through our interview-based approach.

Schedule Consultation
You can add a customer testimonials for social proof. It increases your authenticity and credibility. It directly help you achieving your goals. You also add a picture of a customer and a link to their website.

CEO, Company Name

Looking for help to assess your organisations compliance with GDPR.

Schedule Consultation