Percipio logo
Retail & Consumer Products

Ensuring Compliance with NIST and GDPR Regulations

Optics and Lenses

Ensuring Compliance with NIST and GDPR Regulations
Ensuring Compliance with NIST and GDPR Regulations

Percipio evaluated the current control environment and led the design of the compliance program to prioritize and implement key components before the deadlines. We brought an understanding of the tech environment and regulatory requirements, which were new, accessing experts with data privacy and security backgrounds as needed.

We helped facilitate discussion to identify gaps and evaluate solutions, and build consensus on how to address those gaps, as well as implement and adopt changes.

We then developed a roadmap for implementation, who owned which piece, how and when they should have it in place, all the while tracking progress along the way for a good handoff.

We built an awareness at the executive level and across the organization of the requirements for compliance and identified processes that were impacted.

By setting up our client with standards, we eliminated opportunities for non-compliance and improved their business environment to avoid fines, penalties and potential disruptions.

We strengthened their control framework, which also makes their processes more reliable and efficient in addition to being compliant. Our client also now had a formal security incident response plan, including framework, testing, training, communications, playbook and forms.

Percipio Icon
With NIST and GDPR regulations looming on the horizon, our client needed support to ensure they were in compliance. Percipio was asked to provide support in the planning, implementing new standards, and establishing ongoing procedures for compliance.

Challenges
  • NIST was a new requirement that required a lot of work interpreting the standard
  • GDPR regulation was broader than information technology and required building more consensus across the organization to build that standard
  • Short timeline with specific deadlines to follow that were set by regulatory bodies
Services
  • Risk Advisory
  • Technology Leadership
  • Strategy & Execution
  • People & Change
Solutions

Percipio evaluated the current control environment and led the design of the compliance program to prioritize and implement key components before the deadlines. We brought an understanding of the tech environment and regulatory requirements, which were new, accessing experts with data privacy and security backgrounds as needed.

We helped facilitate discussion to identify gaps and evaluate solutions, and build consensus on how to address those gaps, as well as implement and adopt changes.

We then developed a roadmap for implementation, who owned which piece, how and when they should have it in place, all the while tracking progress along the way for a good handoff.

We built an awareness at the executive level and across the organization of the requirements for compliance and identified processes that were impacted.

By setting up our client with standards, we eliminated opportunities for non-compliance and improved their business environment to avoid fines, penalties and potential disruptions.

We strengthened their control framework, which also makes their processes more reliable and efficient in addition to being compliant. Our client also now had a formal security incident response plan, including framework, testing, training, communications, playbook and forms.

“Thank you for the tremendous body of work produced in the past 4 months. This has not only put Leupold in a position of compliance for our military contracts, but also has set the roadmap for a much more robust information security framework.”

Bill Achord, Director IT

Ready to work with us?