Keen to find out what your business needs to do when the GDPR is enforced? Our useful checklist, written by one of our GDPR-certified consultants, has 34 thought-provoking questions that cover all the points you need to consider in order to start your journey to GDPR compliance. Alternatively, if you are looking for GDPR Consultancy please click here.


Infinity Group - GDPR checklist download

Here is a snippet of some of the questions within the GDPR Compliance Checklist that you will soon need to provide the answers for:


  1. Are your business hard drives encrypted?
  2. Can devices such as phones, laptops and tablets be managed internally if they’re lost or stolen?
  3. Is your business using endpoint protection, so that only approved devices can be used with company devices?
  4. Are all passwords you store managed by a secure third-party system?


  1. Does your business currently provide cyber security training to your employees?
  2. Are your staff trained to identify phishing emails? Do you test them?
  3. Are your staff aware of the most recent malware threats and how they might be delivered to the business?
  4. Has your business got a process in place that can be activated if staff open malware?
  5. Are all staff trained not to keep passwords or private data stored in personal folders on their computers?
  6. Are your staff aware that they must report any financial, data, or confidentiality breach to a member of management so they can report this to the ICO within 72 hours of loss?


  1. Do your staff have their own unique access rights and passwords, with appropriate permissions for their specific roles?
  2. Do you require more than one method of authentication, in addition to a password, to log in to your user accounts and email?
  3. Do you have restrictions on the users that have local administration rights?
  4. Are all passwords managed so they have to meet a specific complexity?
  5. If your business has employees who work from home, have you as a company made sure the computer/tablet they are using is safe and secure?
  6. Within your server, is each folder managed with restrictions for users who shouldn’t have access to specific files?
  7. When you obtain a new customer, does your business automatically sign them up for marketing emails?
  8. Have you got a process in place whereby customers can easily opt out of marketing emails, additional services, etc.?


  1. Do you have a secure backup and disaster recovery service in place for your business?

Download our GDPR Compliance Checklist to view the full section relating to backup.


  1. Has your business got industry-standard malware protection in place that detects and protects against malware attacks?

Download our GDPR Compliance Checklist to view the full section relating to security protection of the business.


  1. Do you change your Wi-Fi passwords regularly?

Download our GDPR Compliance Checklist to view the full section relating to building security measures in relation to GDPR.

We look forward to discussing your GDPR requirements in more detail. 

Get in touch now!