IT Security and GDPR Compliance

For this we use standardized and recognized guidelines, including the Code of Conduct (CoC) for GDPR Compliance of the Cloud Security Alliance (CSA) as well as guidelines of the Federal Office for Information Security (BSI) and the procedures proposed therein.

Our approach

  1. Clarification of the commission
    Which goals must be met to achieve compliance?
    What exactly needs to be assessed?
  2. Legal framework
    Which legal regulations are relevant and must be met by your business?
  3. Analysis – Audit – Measures

    a. As-is Analysis
    Survey of the status quo

    b. Assessment
    Risk assessment and compliance assessment

    c. Measures
    Deriving technical and organizational measures (TOM) to reduce risks and guarantee GDPR

  4. Accompanied implementation
    Accompanied implementation of the derived technical and organizational measures
  5. Confirmation of the GDPR Compliance
    (Declared Trust Mark); Self Assessment CSA CoC GDPR Compliance

Service packages

Assisted Self Assessment

  • eGovCD supports the analysis and verification of compliance and develops corresponding measures
  • Result: Professional report on risk assessment and necessary compliance measures

Accompanied implementation

  • eGovCD advises on the implementation of derived measures to ensure compliance
  • Result: Counseling in the implementation and documentation of the measures for the Self Assessment

GDPR Compliance confirmation

  • Performing the Self-Assessment in the CSA Registry
  • Result: Declared Trustmark of the CSA (Self Assessment)


  • Regular checks, e.g. after changes & adjustments to your IT infrastructure and processes
  • Result: GDPR compliance granted at all times