Being a relatively young and entrepreneurial company, the systems and processes used within FitFlop had grown organically. Consequently, weaknesses and vulnerabilities were recognised, which the management team wanted to identify and remedy – not least the need to comply with the GDPR requirements.
Leading Resolutions was engaged by FitFlop to complete a study to inform the Board on the current and potential security risks from both a cyber and internal systems perspective.
Using the GDPR, PCI and ISO270001 frameworks we assessed their policies, technologies, processes and documentation to identify any risks and deficiencies. The gaps were qualified and prioritised, along with an assessment of the necessary actions.
"The GDPR expertise and knowledge demonstrated by Leading Resolutions was exceptional, and their success in rising to the compliancy challenge provided a quick and cost-effective way for us to gain confidence in the work we had undertaken and ensure there are no gaps in our ongoing compliance plan.”Global IT Director FitFlop
The resulting report provided the Board with a prioritised ‘to do’ list to address these risks, applicable to a retail business, enabling the Board to produce an action plan to become GDPR compliant. We provided ongoing assurance of the action plan and engaged to conduct a follow up audit to measure progress.
