GDPR - PII audit

30% of businesses are not GDPR compliant

Source: Accountancy Age – June 2019

Organise and secure your data

Improve customer relationships

Enhance your business reputation

Improve overall efficiency

There are four main areas in which Wavex assist their clients - in discovering what you already have, in helping you respond appropriately to requests, in providing a good degree of accountability and in protecting you from risks.


With regard to GDPR, Wavex has developed a server application that can automatically find your user-identifiable data across all your servers. This analyses all you files of various file types and documents stored in SharePoint. The collected data, often tens of thousands of files, is then placed within a Business Intelligence tool to provide dynamic analysis.
The typical questions you are then able to answer are:

  • Where is the majority of my user-identifiable data?
  • What are the file types my user-identifiable data resides within?
  • What folders hold the most user-identifiable data?
  • When was this data created?
  • When was the data last accessed?
  • How many documents are specific user records within?

This information provides a good indication of the work involved in meeting your regulatory obligations.


The next challenge is ensuring you have built the appropriate processes to handle various user requests - access requests, right to be forgotten. Wavex build these processes onto their APEX® platform providing a convenient way of capturing the request and ensuring the correct activities are performed within the appropriate timeframe.


Ensuring you remain compliant is important however the work to achieve this can be challenging. Each part of your business needs to answer a range of questions at semi-regular intervals (called attestations). The Wavex APEX® platform automates this entire process; seeking answers from different departments and pulling this together to form your compliance dashboard.

Furthermore, reports can be automatically delivered to you on specified days outlining your level of compliance and any possible risks.


As part of GDPR it is vital that you have taken reasonable steps to protect your data. Wavex can provide a range of solutions and services to help you achieve a good degree of protection. These solutions range from end-point protection to proactive security assessments; all designed to minimise the risk of experiencing a data breach.

Clients also have access to our benign-phishing solution (also on APEX) which provides you an overview of who within your organisation may require additional cyber-risk training.

With a growing number of regulatory requirements for businesses we believe it is important for technology to be lightening the load.

Brigitte Braham, HR-Manager

Did you know that Wavex created a GDPR audit tool for its clients to automatically determine the locations of personal identifiable information across all their data?

Trending ebook

Outsource IT or Hire

Making the decision to hire or outsource is a complicated one which has major ramifications for the business. The right decision today is unlikely to be the right decision forever - as your business grows and evolves, your requirements change.

Download now

Take your first step towards our GDPR audit services

Speak to Wavex

Initial Requirements Gathering

Demonstration of Capabilities

High-Level Proposal

Financial Business Case / Sign-Off

Detailed Plan

Implementation / Deployment


User-Acceptance Training