How Small Irish Businesses Avoid the GDPR Sting

Accountants providing chartered accounting services and tax advice are alerting smaller Irish companies to the consequences of the pending General Data Protection Regulation (GDPR). They believe these are going to feel the most pain come 25 May 2018, if they do not implement GDPR by then. We are trying our best to help avoid this situation by providing advice.

How to Kick the GDPR Ball into Play

The Irish Information Commissioner?s Office has produced a toolkit regarding where?s best to start. They suggest beginning with an information security assessment to determine the gaps companies need to close. Once quantified, this leads naturally to a plan of action, and resources needed to fulfil it. Here?s how to go about it:

1. Start by assessing your current ability to identify, assess, and manage threats to customer data security. Have you done anything at all to date? You must be holding some customer information surely, and it is highly likely the GDPR applies to you.

2. Next, review your company?s current customer data security policies. Are they documented and approved, or do new employees discover them sitting next to Nellie? Rate yourself on a scale where ten is successful implementation.

3. Now consider how well you have pinned responsibilities on individuals to implement policies and take the lead on GDPR. The latter should be the business owner, or a board member with clout to make things happen.

4. By now, you should have a grasp of the scale of work ahead of you, remembering the EU deadline is 25 May 2018. If this sounds overwhelming, consider outsourcing to your accountant or a specialist provider.

5. Under the General Data Protection Regulation you have only 72 hours to report a breach of customer data security to the Information Commissioner?s Office. Do you have a quality assurance mechanism to oversee this?

Tangible Things to Bring Your Own People on Board

With all the changes going on, there is a risk of your employees regarding GDPR as ?another management idea going nowhere.? Thus, it is important to incorporate the new EU regulations in staff training, particularly with regard to data security generally. They may fully come on board only once they see tangible signs of progress. You should in any case put the following measures in place unless you already have them:

1. A secure area for your servers and for any paperwork your customers provided. This implies access control on a need-to-know basis to protect the information against loss, damage, and theft.

2. A protocol for storage media and record disposal when you no longer require them or something supersedes them. You are the custodian of other people?s information and they deserve nothing less.

3. Procedures to secure customer data on employee mobile devices and computers: This must extend to work done at home, at consultant sites, and by remote workers.

4. Secure configuration of all existing and new hardware to minimise vulnerability and storage media crashes. These quality assurance measures should extend to removable media and remote backups.

So Is This the Worst of the Pain?

We are at the heart of the matter, although there is more to tell in future articles. You may be almost there, if you already protect your proprietary information. If not, you may have key company information already open to malware.We should welcome the EU General Data Protection Regulation as a notice that it is time to face up to the challenges of data protection and security generally. The age of hacking and malware is upon us. The offender could be a disgruntled employee, or your competition just down the street. It is time to take precautions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Implementing Matrix Management

Matrix management is a culture change. More than the hierarchical structures, lines of responsibilities, modes of communication and channels of decision-making, it is a concept that needs to be planned ahead and managed appropriately over time.

Implementing matrix management to any organization can be confusing. It is essential to ensure that it fits right to your business strategies, skills and competencies. With this, realizing matrix management should not be taken lightly. Careful stages should be considered, instead.

Here are the steps to proper implementation of matrix management:

Consider Your Business Context

You need to evaluate your organisation to analyse what are your development needs with regards to skills, products, services and market environment. This will help you decide on what type of matrix structure you will apply in your organisation. Consider the following questions in building up your context:

  • What is our strategy?
  • Where are the demands in our business?
  • What are the structures that our competitors currently employ?
  • What are the talents that my people possess?
  • What are other business organizations doing?

Set Your Implementation Scope

Next, you need to define the parameter and set the scope of your implementation. What area in your business do you think matrix management will successfully work? There are several things that you need to consider in setting your scope. You have to make sure that it works well with your overall business strategies, that it can be excellently communicated and easily understood. Also, you must ensure that you acquire the necessary talents and skills in the business to deliver the new system of responsibilities.

Implement the New Structure

When you have already decided what structure type you will implement, you are ready to give it a go. You will need to establish new communication channels so you can monitor the progress and receive feedback effectively.

Here?s how to apply the matrix structure:

  • Highlight your development needs
  • Define roles based on outputs and not inputs
  • Line up procedures and systems to support the structure and the behaviour that comes with it.
  • Invest in training and development
  • Support the key people in the structure by coaching them to better adapt in changes
  • Communicate regularly
  • Monitor progress and make necessary adjustments

Review the Matrix Structure, Roles and Responsibilities

Organisations that successfully implement matrix management adapt to the changes in their environment. With this, they do regular evaluations to highlight the need for changes and revisions. The review can either focus on the structure only or to the entire process as a whole. The results can alter the structure, the roles involved and the responsibilities taken.

The process of implementing matrix management follows a step-by step method. Each stage is equally important with the rest. Hence, if you plan to exploit it in your organisation, you have to recognise the purpose of each step and follow it appropriately. Balance is the key. And when you achieve stability in matrix management, amidst the complex changes in the world of business, then your organisational success is just around the corner.

Competencies, Roles and Responsibilities of Lead Assessors

Any organisation that opts for energy audits, Display of Energy Certificates and Green Deal Assessments needs a lead assessor to review the chosen ESOS compliance routes. The Derivative provides that energy audits should be carried out independently by qualified and accredited experts. Additionally, these audits should be implemented as well as supervised by independent authorities under the national legislation.

Lead assessors undertake several roles in ESOS assessments. He or she is the one responsible to take the lead of the entire assessment team, prepare the plan, conduct the meetings and submit the formal report to governing authorities. Nevertheless, selecting an appropriate lead assessor is an important element that every organisation should carefully consider.

Competencies Requirements of Lead Assessors

Lead assessors should be knowledgeable enough with in-depth expertise in carrying out energy efficiency assessment. They should also possess foundational, functional and technical competencies to deliver the task effectively. Likewise, consider the assessors? sector experiences, familiarity with your business? technologies and properties, and accreditation with prescribed standards.

As you choose your lead assessor, contemplate on the skills and qualifications that would give your organisation benefits.

Roles and Responsibilities of Lead Assessors

The business organisation is responsible for the overall legal ESOS compliance. Moreover, here are some of the roles and responsibilities that lead assessors should assume in ESOS assessments.

The lead assessor agrees on the audit methodologies that the organisation would undergo in new audits. He or she agrees with the ESOS participant regarding the audit timetable, sampling approach and visits required. It is also the lead assessor?s role to identify the opportunities on energy saving and assist in calculating the cost savings from the measures taken. During the ESOS audits, the lead assessor determines the energy use profiles, presents the recommendations and reviews the entire assessment as a whole. Furthermore, he or she should maintain the evidence pack of the ESOS to uphold the audit’s credibility, its findings and recommendations.

Finding Lead Assessors

Energy and environment professionals would only be able to demonstrate their expertise as lead assessors upon registering in a professional body accredited by the Environment Agency. Any business that needs a lead assessor is advised to check on the EA?s website to see the details of approved registers.

Lead assessors can either be in-house experts or external professionals. However, they should be able to provide proof of membership as an approved register to take the role of a lead assessor. If the organisation has an internal lead assessor, the company should then take the final ESOS assessment to two board-level directors that would sign the formal report.

Indeed, the lead assessor is an organisation’s partner when it comes to delivering great results. With good professional conduct and excellent management of an assessment team, the lead assessor can help achieve breakthrough energy efficiency strategies. More than anything else, the organisation will benefit from maximum energy savings opportunities ahead. Thus, every qualified business enterprise should invest in finding the best lead assessor to guide them towards success.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Making Click-and-Collect click

In my previous post, I introduced you to integrated e-commerce and explained why it is the right way to extend your business online. If you already have a brick-and-mortar retailing business and you’re looking to improve your online presence, you could start offering a click-and-collect service.

With click-and-collect, customers order online and then collect their merchandise from one of the retailer?s local branches. Why would they want to do that?

Apparently, there are buyers who now prefer a click-and-collect service over the delivery service of a purely online retailer. With the latter, they sometimes have to wait forever for the delivery van to arrive or contend with a missed-delivery card.

Basically, customers who want both the convenience of placing orders online and better control of their time find click-and-collect a better option.

Last December 2011, IMRG (Interactive Media in Retail Group) reported a ?significant rise in the percentage of click-and-collect e-retail sales in the 3rd quarter of 2011?. This accounted for 10.4% of all e-retail sales in that quarter. More specifically, the gain was 7.4%, which was also the strongest quarterly gain since IMRG started collecting this data.

Clearly, this particular service is gaining popularity. But how do you meet the rising demand in this area?

A click-and-collect service requires a highly synchronised ecosystem. You don’t want to have a customer order items from your online store, drive a couple of minutes from his house to your nearest outlet, only to find out that one of the items is no longer available.

This can only work if all systems involved are interconnected. Changes in the inventory in your individual outlets should reflect on your database in real time. In turn, these changes have to be reflected instantly on your online store. Conversely, once a buyer has picked items online and is already directed to a local outlet, those items have to be reserved there.

But that’s not all. Your system has to be seamless enough to support fast and reliable service. You don’t want your buyer to have to wait a long time before the items are ready for pick-up. It also has to be capable of tracking the status of ordered products, handling uncollected orders, and monitoring inventory.

By implementing an integrated e-commerce system, these won’t be the only things you?d be able to do. You can even add more value to your service. For example, you can connect to your CRM and learn more about your customers? purchase history, buying habits, and preferences.

That way, it would be easier for you to provide a faster and more convenient buying experience for them in the future.

Click-and-collect is a very promising way to increase your sales and improve customer loyalty.

Ready to work with Denizon?

Contact Us Today