GDPR privacy by design and privacy standard operating procedures

The KPMG privacy video series is designed to help your organization think through the priorities of GDPR and align your privacy compliance efforts without disrupting business.



View all episodes of the "KPMG Privacy" video series.




  • Welcome and thank you for watching KPMG’s privacy video series.
  • This video will identify key documentation requirements necessary for privacy compliance and risk management.


  • Typically, during our analysis, we find the following out of date or non-existent with respect to GDPR:
    • Data inventory
    • Vendor management assessments
    • Data Protection Impact Assessment
    • Consent management
  • You need to work with stakeholders to understand existing processes supported by documentation, and consolidate processes into a standard approach where possible.
  • Evaluate opportunities to automate, such as data scanning, DPIA management and consent management tools.
  • Develop standard operating procedures that leverage new or updated documentation and achieve privacy compliance and risk management goals.


  • Please stay tuned for the final video in the set focused on sustaining GDPR efforts.
  • Thanks for watching.


Related content

Steven Stein

Steven Stein

Principal, Cyber Security, KPMG US

+1 312-665-3181
View more

Strategy and governance

Cyber security: it’s a business issue, not just an information technology issue.

Get the latest updates from KPMG Cyber Security Services.


Explore KPMG Cyber Security careers