GDPR GAP Analysis

Differential (also called comparative or GAP) analysis is another step on the way to meeting the requirements of personal data protection. The output is a project plan, an assessment of the maturity of your processes, and requirements for internal directives, technology and legislation. You will then be able to carry out the implementation yourself using sample GDPR documentation.

Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.

Target audience

To all who want to meet the requirements of the GDPR in the fastest and most efficient way

It should be the first step you can't do without. How effectively you can deal with GDPR depends on the GAP Analysis. It is determined by how good the documents are and in what form they are prepared.

  • Statutory bodies, procurators and directors
  • Legal advisers, human resources and internal managers
  • Public administration employees, non-profit organizations
  • Employees in the sales department, but also marketing
  • Data administrators, databases, operators. Head of IT, security
  • Internal and external Data Protection Officers (DPO)

We use a methodological tool, GDPR CMM (Capability Maturity Model)

It is the most effective methodology for assessing the compliance of an organization's existing personal data protection with the requirements of GDPR and ePrivacy

CMM GAP analysis will help you determine the status of all mapped requirements and areas so that you are able to implement changes, complete missing processes and implement the measures below

GDPR CMM assesses current readiness in these areas:

  • technical (IT / IS / Applications)
  • paper documentation (files, forms)
  • procedural (setting rules, procedures, guidelines)
  • legal (GDPR legislation and personal data protection law)

Aims of the course

  • You will try working in the GDPR GAP CMM tool (Capability Maturity Model)
  • You will prepare a project and ensure compliance with Regulation 679/2016 EU GDPR
  • You will get a list of recommended measures and a detailed plan of what, how and why to implement!

Aims of GAP Analysis

The aim of the GAP analysis is to teach you to identify discrepancies between the requirements set out in the General Data Protection Regulation and the current data processing.

Namely, Risk Management, Scope of Processing, Roles and Responsibilities, Data Subject Rights, Data Processing Workflow, Personal Data Security and Performance of the Data Protection Officer.

GAP Analysis Procedure

  • Evaluation of the impact of EU Regulation 679/2016 on the organization.
  • General definitions of data and the way of their management (paper, structured data, recordings and more)
  • Assessment of the position of the Data Protection Commissioner. Recommendations for further action within the GDPR
  • Areas and scope of necessary interventions to ensure GDPR compliance (IT, Law, Web, Documentary records, HR, etc.)

Outputs of GAP Analysis

  • The need to appoint a DPO
  • The state of ICT and the necessary changes
  • Legal situation and necessary changes
  • Status in the area of controlled documentation and necessary changes
  • Status in the field of paper documents and necessary changes
  • General recommendation on the scope of the GDPR on the organization

Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) according to ISO/IEC 17067

František Nonnemann

František has been dealing with the law and practice of processing and protecting personal data for more than ten years. After graduating from the Faculty of Law of Charles University in Prague, he worked for many years in leading positions at the Office for Personal Data Protection, including as the head of the legal department.

He also participated in the preparation of the accredited course Commissioner for Personal Data Protection, is the author of the Handbook for Commissioners, and is involved in the development of other GDPR services, sample documents and methodologies. He created a free online tool for GDPR Audit and now collaborates in the working group for GDPR certification Compliance.

Active activities in European working groups for personal data protection as well as in international control activities cannot be neglected either. He is a co-author of a commentary on Act No. 101/2000 Coll., On the protection of personal data, as well as a commentary on the GDPR, as well as a number of professional articles.

  • 2016 - present | TAYLLORCOX: GDPR Auditor
  • 2016 - present | Moneta
  • 2006 - 2016 | ÚOOÚ
  • 2000 - 2006 | Law faculty, Charles University

Vít Lidinský

Ing. Vít Lidinský, Ph.D. is the head of the GDPR accreditation commission in the field of products, processes, services as well as the Data Protection Officer certification.

He is active as a Lead Auditor for ISO/IEC 27001 (Information Security Management System), BS 10012 (Personal Information System) GDPR and eIDAS standards. Last but not least, Vít works as a forensic expert in the field.

  • Since 2012, he has been working as a forensic expert in the field of economics, prices and estimates, with a special specialization in information systems and personal data protection.
  • For more than 5 years he was the head of the department and Chief Executive Officer at the Ministry of Informatics, the Ministry of Foreign Affairs of the Czech Republic and the State Treasury Shared Services Center (ICT Departments).
  • He graduated from the Faculty of Business and Economics, majoring in information management - CULS. Here he gradually obtained a master's (Ing.) and doctoral degree (Ph.D.)

Graduate ratings

Excellent review from 1310 reviewers

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

  • Jitka V.
  • 11.12.20
  • MAG45

The course is great, an interesting topic and an excellent instructor. I enjoyed it a lot and I will come back again for a follow-up.

  • Martin A.
  • 16.04.18
  • Daily Fitness Olga Šípková

I rate the instructors who lead the workshops very positively; it is clear that they have a lot of experience with GDPR and are able to pass their knowledge on.

  • Martin P.
  • 16.04.18
  • Klusák advokátní kancelář

Nice :o))

  • Aleš P.
  • 16.04.18
  • Freelancer


  • Šárka Z.
  • 16.04.18
  • Všeobecná zdravotní pojišťovna

I consider the training from TAYLLORCOX one of the best I have attended, thanks to the team of professionals and auditors who bring a systematic approach to it. The explanation is correct and concise. I very much appreciate the "sober view of the whole issue and of GDPR implementation". I also consider the Toolkit a big plus; it is a set of templates, methodologies and aids for implementing and creating documents.

  • Ervin H.
  • 16.04.18
  • MAS Sedlčansko

A very good course.

  • Luboš S.
  • 23.01.18
  • Haida

The course met my expectations.

Not sure if this is the right course for you? Get in touch!

For assistance please give us a call.

We are available at +420 222 553 101, Monday to Friday, 9am - 5pm.
