Policy Control System

Business Audit: Data Inventory

A simple solution to your data protection headaches, using tools you already own

The Requirement

The Office the Information Commission says organisations must Identify what personal data you hold (this can be achieved by setting out the information listed in Article 14 of the DPJL). Jersey Data Protection Law Article 14 The Controller must maintain a written record of the processing activities (see below)

(a) the name and contact details of the controller and any joint controller, representative of the controller or data protection officer;
(b) the purposes of the processing;
(c) a description of the categories of data subjects and personal data processed;
(d) a description of the recipients (if any) to whom the controller intends to, or may wish to, disclose the data;
(e) where it is envisaged that data will be transferred to a third country or an international organization, the name of that country or organization, and .. the appropriate safeguards that are put in place;
(f) where possible, the envisaged data retention periods for different categories of data; and
(g) where possible, a general description of the technical and organizational measures implemented in respect of the processed data.

Your Options

Option 1: Create a complex table in excel and somehow get over the fact that you have many staff trying to add, amend and delete data without a real understanding of the data, the options, or implications of those choices resulting in random and meaningless entries which are impossible to manage or validate.


Option 2: Buy a complex CRM style solution that will take ages to implement, cost thousands of pounds, be hugely cumbersome and demand that each person pays a license fee no matter how much or little they may use the system.


Option 3: Develop something in-house using the tools you already have to create a multi-user solution that is simple, effective and easy to amend, extend, import or export. This solution will have simple look-ups and check-boxes to guide the users through the legal requirements and the necessary steps to compliance.

Our Solution

We have built Option 3: for you. It is ready to run on your SharePoint on-premises or in the cloud and only needs to be configured for your business. For example adding department names, product names and colours. Even better, this can link to your Officer 365 and Power-BI and can easily allow import or export to any other platforms, or provide automation and workflow. Moreover there is no additional user fees or licences, we simply deploy onto your existing system(s)


Our solution is able to use the data to create Data Protection Impact Assessments DPIAs, and Privacy Notices, and Data Sharing Agreements at the touch of a button all configurable to your requirements and drawing upon the data held to ensure that everything is consistent and up-to-date.


We have watched our rivals deploy systems over 12 months plus, costing upwards of £30k per year in fees and then additional annual license fees. By comparison we are able to configure, deploy and train everyone to use the system in 4 weeks at around £10k total cost (forever). That’s it. Moreover because we run on your SharePoint you do not have to rely upon us to add, amend, or extend the system you can use your in-house team.


Of course we are happy to provide support or training on SharePoint, Office 365 or Power-BI. It is always available and it is always your choice.

Your Next Step

If you are interesting in our Data Inventory Solution, or other products including Breach Management and Subject Access Database please do not hesitate to contact us. We will happily provide customer testimonies and set-up a demo.


Tim HJ Rogers MBA CITP
Mob 447797762051