logo_FEDER español
gss-logo-header
DemoRequest a demo

Standard Profil

Alignment with Data Protection and Information Security standards

Standard Profil

standard-profil-logo

Customer

  • Industry: Manufacturing of sealing systems for automobiles.
  • Size: +1000 employees
  • Zone: Spain
  • Products: Data Protection, Security, and Whistleblowing channel
  • Main regulations: GDPR / ISO 27001 / Whistleblowing channel

Standard Profil, headquartered in Germany and with a prominent presence in La Rioja, Spain, is a global leader in sealing systems for automobiles. With decades of experience, its commitment to excellence and innovation is evident in solutions that exceed the expectations of the automotive market.

Challenges and scope of the project

The project consisted of adapting the Standard Profil Group to current Data Protection Regulations and aligning with ISO/IEC 27001 for the renewal of the certificate. The main challenges are presented below:

DATA PROTECTION

  • Lack of a structured record of processing activities.
  • Absence of automated processes to address the Risk Analysis and Impact Assessment methodologies of the processing.
  • Decentralization of assets involved in the processing of personal data (suppliers, hardware, software, facilities…).

INFORMATION SECURITY

  • Updating the ISO 27001 Information Security Management System to renew certification in the ISMS.
  • Risk Analysis methodology in obsolete files, with a complex and difficult-to-maintain methodology
  • Difficulties in coordination between those responsible for the system and the rest of the departments.
market-trends-partner-br

“The team, together with GlobalSuite®, have been essential in strengthening our security and data protection. A transformative experience.”

Jose María Rodríguez-Maimon
IT Manager

Solution

With the support of our consulting team and the GlobalSuite® software, Standard Profil not only faced complex challenges in data protection and information security, but also managed to align with global standards and current regulations in an efficient and systematic manner.

DATA PROTECTION

  • Creation of the Record of Processing Activities, guaranteeing structured and efficient monitoring.
  • Asset Traceability: With GlobalSuite, we achieved a complete view of assets related to data processing.
  • Automation and Risks: Implementation of automatic processes for Risk Analysis and Impact Assessment, enhanced by the advanced capabilities of the software.
  • Centralization of documentation.

INFORMATION SECURITY

  • Performance of Gap Analysis: complete analysis of all established procedures, verifying the status of implementation of technology and security controls
  • Adaptation of the Management System to the real operation of the organization.
  • Implementation of the GRC GlobalSuite® Software for the automated assessment of risks.
  • Document manager and centralized information under the same collaboration environment.

Results

  1. Adaptation of the Data Protection Management System to the applicable regulations and guidelines and recommendations of the AEPD, adaptable to any change in regulations or criteria.
  2. Accreditation of compliance with interested third parties or Control Authorities.
  3. Renewal of ISO/IEC 27001 certification with optimal results.
  4. Reduction of the documentary volume and agility in updating them.
  5. More precise risk analysis detecting real risks of the organization.
  6. Improvement in interdepartmental collaboration and involvement in the Management System.

Start your path to success now

Find out how to get started