Bloor Research and Cognisco have joined forces to provide a human risk-based GDPR (EU General Data Protection Regulation) readiness assessment tool. People are central to an organisation understanding and maintaining consistent compliance with the new GDPR legislation. It isn’t enough to have processes, policies or technology in place. The fundamental question the Regulator (or, indeed, an aggrieved data subject) will ask is whether your employees understood the rules and were confident and competent in applying them.
For GDPR, Bloor’s analysts have provided the scenarios, subject matter expertise and assessment content, with Cognisco’s Occupational Psychologists ensuring assessment validity. The two organisations will work to provide consistent updates to the assessments as the regulation evolves and plan to work together to develop more assessment topics in the coming months. Any realistic GDPR strategy will needs to approach employee motivation and incentivisation – as well as delivering a positive business-value outcome.
Cognisco are expert in the assessment and evidence of competence, confidence and compliance and Bloor Research are internationally renowned experts in IT and Data security. The two organisations have collaborated to develop a scenario-based Situational Judgement, Multiple Response Evaluation assessment which looks specifically at whether your employees understand and are confident in applying the new legislation.
A Software as a Service based assessment using Cognisco’s unique competence/confidence correlation model and leading reporting and analytics platform, my*KNOW gives users access to a series of Bloor-developed scenarios and possible responses which might arise around GDPR.
What you get
For a small, annual per-person fee, this short rigorous assessment will take no more than 30 minutes for each employee to work through (stopping and starting as they please). On completion, the employee, and the organisation, is presented with an intuitive, granular, report which highlights where each individual is both competent and confident in their understanding and application of GDPR policy; and also where they have knowledge gaps or misunderstandings which will require remediation.