top of page


adapting to ever changing conditions


General Data Protection Regulation

Download GDPR Toolkit

from Desktop

Business Continuity Planning

Business Continuity Planning

Providing Business Continuity & Specialist Data Privacy Support for over 10 years


  • Gap Assessment

    • The Gap Assessment is a detailed set of questions based on the regulation, and will highlight gaps between your current data protection practices and the requirements under GDPR

    • The questionnaire attempts to collect information about the current Data Protection practices of each business unit across your company, in order to assess the regulatory and reputational risks of non-compliance with the EU General Data Protection Regulation ('GDPR')

    • The output will highlight gaps between your current data protection practices and the requirements under GDPR


  • 2018 Data Protection Act Questionnaire

    • This questionnaire specifically looks at the GDPR and can be used to quickly find out how compliant your company is to the regulation.

  • Third Party Information Security GDPR Questionnaire

    • When you have reliance on at least one 3rd party for personal data processing, then this document can be shared with them, for them to complete and provide evidence of their compliance. As part of the GDPR, if you are controlling personal data, and sub-contract to a 3rd party for data processing, then you must be aware of their data protection capabilities.

  • Data Privacy Impact Assessment for Business Functions

    • This questionnaire is for internal projects or functions, in order to demonstrate GDPR compliance. The document is written in alignment to the GDPR articles and can be used, following the Gap Assessment, to cross-reference specific requirements and detail for remediation planning

  • Scenario Exercise Data Breach

    • Exercises should be run on a regular basis, and target specific key risks which have been identified as required for mitigation. This document will help you design, manage and report on data breach exercises

  • Information Asset Register

    • An analysis of where your personally identifiable data resides within your organisation

  • Data Protection Policy

    • This is an outline policy which can be adapted for any organisation


  • Subject Access Request Policy

    • This policy contains the detail which can be followed during a subject access request


  • Data Flow Mapping Approach

    • This shows how you should carry our data mapping


  • Data Mapping Tool

    • The data map will determine what personal data your organisation holds, where personal data resides within the organisations day-to-day business and where DPIAs may need to be performed


  • Identity Proofing and Verification of an Individual

    • In circumstances where Subject Access Requests or Data Subject Rights information is to be released, the identity of the data subject should be established, in accordance with recital 64 and article 12.6. This document explains how to identify an individual, assisting you with safeguarding the data and your reputation


Download BCP Toolkit

"BCP tools and plans used today in many organisations"

includes free 30-minute call with BCP subject matter expert

Download GDPR Toolkit

"Tried & tested GDPR tools and plans"

includes free 30-minute call with GDPR subject matter expert

Contact Westminster Business Continuity

"Contact WBC today, we can advise you


Mark Jones

Managing Director

  • BCMS Framework Proposal

    • The purpose of this document is to clearly define the objectives of implementing a Business Continuity Management System (BCMS)


  • Project Plan Outline

    • This is a detailed plan, to help implement an ISO-22301 compliant BCMS


  • BCP Project Risk Register

    • An example template of identified risks, including the definition of high, medium and low risks


  • BCP Content Matrix

    • This is an overview of all BCPs created, and their current status


  • Business Impact Analysis – Part One, Risk Assessment

    • This is a questionnaire, which identifies single points of failure, IT risk, third party risk etc.


  • Business Impact Analysis – Part Two, Critical Services

    • This is a predefined multiple choice questionnaire, which identifies critical services


  • ISO-22301 Self Assessment

    • This is a questionnaire which provides outcomes of the company’s current ISO-22301 compliance status


  • ISO-22301 Scorecard

    • This ISO 22301 Score Card  details the requirements (where relevant) that an organisation must comply with to achieve certification


  • Project Update

    • This is a template which can be used to provide updates on the status of the project


  • Crisis Management Plan

    • This is a templated document, which defines the mechanisms for how to manage an incident


  • Post Incident Review

    • This is a set of questions that should be asked, post incident, to determine any further actions / improvements that can be made


  • Business Continuity Plan

    • Following the outputs of the BIAs, this template can be fully detailed


  • Call Cascade Exercise Scope and Objectives

    • This document walks through the process of how to perform a call cascade successfully, and can be used during the exercise


  • BCM Policy

    • This is a templated BCM policy which can be written during the BCMS lifecycle, in order to provide governance of the BCMS


123 Buckingham Palace Road London SW1W 9SR 
Tel: 07545 760302

Success! Message received.

bottom of page