Evolution, the fire and security systems integrator, has completed a major consultancy project for an international semiconductor business in order to meet the ongoing requirements of the European Union’s General Data Protection Regulation (GDPR), which was enacted last year.
Renesas Electronics Europe Limited has been an Evolution client for several years. In 2017, Evolution completed a major upgrade and extension to the company’s CCTV and access control installation. The advent of the GDPR, however, obliged Renesas’ facilities manager Julie Blake to review the existing site security policies and procedures to ensure they were current and compliant.
Blake explained to Risk Xtra: “Like many organisations, we were receiving plenty of advice around the GDPR. It was recommended that we consult with our security partners. I was introduced to Evolution’s Risk & Design team whose members explained, in a very straightforward manner, what was required. The team then produced a comprehensive set of reports and documents in a timely fashion to meet all of our management requirements. The team members also explained that annual assessments of the CCTV system are now required. On that basis, we look forward to continuing to work with the Evolution team in the future.”
Evolution adopted an holistic view of the project and security risk, explaining how its approach would support Blake and her colleagues in meeting governance, risk management and compliance (GRC) requirements regarding security systems. The solution provided included a general assessment of CCTV in addition to a CCTV Privacy Impact Assessment as tools to help the client create the necessary system policies and procedures to meet its current legal obligations. This includes not only the GDPR, but also employment law and the Freedom of Information Act.
Brendan McGarrity, Evolution’s head of risk and design, added: “With an ever-changing and increasing need for organisations to consider GRC requirements, it’s my belief that Risk & Design services can provide clients with a comprehensive framework to improve building and asset security. It’s our role to support the client in meeting its GRC requirements for security by providing the necessary documented professional services.”