• Solutions for managing the intersection of cybersecurity, vendors/supply chain, and data privacy risks.


The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance.

Rofori can help you understand GDPR and its impact on your business in the following pertinent areas:

  • Lawful basis of processing
  • Responsibility and accountability
  • Data protection by design and by default
  • Pseudonymization
  • Right of access
  • Right of erasure
  • Records of processing activities
  • Data protection officer
  • Data breaches
  • Sanctions and fines

Let DEFCON™ Cybersecurity Risk Assessment and DEFCON™ Data Privacy Risk Management solutions help you to better navigate and assess your cybersecurity practices, vendor due diligence, and compliance readiness!

Contact Us