From First Call to
Board-Ready in 10 Weeks
Four phases. A defined timeline. A defensible legal artefact at every stage. This is not an open-ended consulting engagement. It is a structured implementation with clear deliverables and measurable outcomes.
Before you build anything, you need to know exactly where your organisation stands. Not approximately. Not "probably compliant." Exactly.
Deliverables
- Comprehensive data flow mapping across every business unit, vendor, and processor
- Statutory obligation inventory — every DPDPA provision mapped to your specific operations
- Consent landscape audit — what you have, what you claim, what actually holds up
- Cross-border transfer exposure analysis under Section 16
- Children’s data processing assessment under Section 9
- Current-state Vibe Pulse Score (VPS) baseline measurement
Key Artefact
Exposure Assessment Report — a Board-presentable document that becomes your compliance baseline.
In Practice
This phase is uncomfortable by design. Most organisations discover that what they believed was "compliant" is actually a collection of assumptions held together by a privacy policy nobody reads and a cookie banner nobody configured properly. The Exposure Assessment does not judge. It maps. It measures. It tells you the truth.
Frequently Asked Questions
Begin the Process
The first conversation is confidential. No templates. No generic proposals. A practitioner’s assessment of exactly where your organisation stands.
Request Assessment