consulting | solutions


GDPR harmonizes data privacy law & regulation across Europe and is related to processing and controlling personal data. GDPR is applicable to entities holding or monitoring European Citizen’s personal data.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

GDPR presents organizations a framework to define and design their approach to privacy of data for all personnel, harness the value of the data and ensure that the organization is fit for tomorrow’s digital and cloud economy. ControlCase has a seasoned approach for conducting assessments and audits for many regulations and including the GDPR Data Impact Assessment (DIA).

To meet the challenge of European Union (EU) General Data Protection Regulation (GDPR), organizations must measure identify areas of non-compliance, and learn how to improve.

GDPR is the biggest change to EU privacy laws in 20 years. It is a significant overhaul of data protection laws and individual privacy rights protecting citizen’s personal information in the age of digital transformation.

GDPR impacts organizations of all sizes and establishes strict global privacy requirements governing how organizations manage and protect personal data while respecting individual choice. It affects both European organizations and any outside the EU that process data of European residents, including employees. Organizations can face fines up to the GREATER of €20 or 4% of total global revenue.

ajnaa’s GDPR Data Discovery and Maturity Assessment helps customers quickly evaluate their readiness and identify areas of non-compliance. ajnaa security consultants will work with an organization’s key stakeholders to evaluate GDPR maturity in four key areas.


ajnaa helps identify high value data assets and quantify data risks.Customers receive detailed reports and insights that help answer key questions, including:

  What sensitive information in my enterprise data stores present data risk (PII, PHI, PCI)?

  Where is sensitive data overexposed?

  Who has access to what?

  Where are users acting strangely or maliciously?

  What data is being used and what is not?



ajnaa works with key stakeholders to understand an organization’s GDPR scope, requirements, and compliance objectives. Through interviews and a detailed questionnaire ajnaa will assess the maturity of people, process, and technology relevant to GDPR.

The assessment identifies compliance gaps and measures organizational maturity and preparedness across the four key areas: Discover, Manage, Protect and Report. Completed assessments provide a detailed understanding of GDPR risks to enable an organization to:

  Plan and prioritise remediation steps

  Evaluate security controls and processes to close compliance gaps and increase GDPR maturity levels