International Association of Privacy Professionals (IAPP)

Your comprehensive global information privacy community and resource

Your comprehensive global information privacy community and resource

The International Association of Privacy Professionals (IAPP) is a resource for professionals who want to develop and advance their careers by helping their organizations successfully manage these risks and protect their data. In fact, we’re the world’s largest and most comprehensive global information privacy community.

Data powers the information economy. And the risks associated with it continue to skyrocket. Data breach, identity theft, loss of customer trust—these are the threats to organizations of all sizes, in all sectors, in today’s marketplace.


The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data.

The IAPP is a not-for-profit association founded in 2000 with a mission to define, support and improve the privacy profession globally. We are committed to providing a forum for privacy professionals to share best practices, track trends, advance privacy management issues, standardize the designations for privacy professionals and provide education and guidance on opportunities in the field of information privacy.

The IAPP is responsible for developing and launching the only globally recognized credentialing programs in information privacy:

Certified Information Privacy Professional (CIPP)

Certified Information Privacy Manager (CIPM) 

Certified Information Privacy Technologist (CIPT)

The CIPP, CIPM and CIPT are the leading privacy certifications for thousands of professionals around the world who serve the data protection, information auditing, information security, legal compliance and/or risk management needs of their organizations.

In addition, the IAPP offers a full suite of educational and professional development services and holds annual conferences that are recognized internationally as the leading forums for the discussion and debate of issues related to privacy policy and practice.



GDPR consulting

Our approach towards GDPR consulting

The Compliance consultancy includes two phases such as GDPR Gap Assessment, Implementation Assistance and Audit

Phase I: GDPR Gap Assessment

This phase involves

a) A Round Table Discussion with the team of top management executives responsible for key decision making in the organization. This includes IT, IS, Legal, Commercial, HR, Finance executives including the CEO/COO. The objective of this discussion is to ensure that there is a common understanding of the impact of GDPR on the operations of the Company

b) Conducting one to one interviews with key executives and completion of a questionnaire to understand the data processing environment in the Company

c) Further discussions for clarification as may be required with select key personnel

At the end of Phase I, a GDPR Gap Assessment Report would be prepared. The feedback of the top management would be obtained on the report. It would be discussed and refined to ensure that there is top management acceptance to the gaps identified and conversion of the Gap Assessment into an “Implementation Charter”.

Phase II: GDPR Implementation

Based on the GDPR Charter adopted at the end of Phase I, the Company would undertake the steps to implement the measures needed to bridge the gaps. 

Assistance would be provided to develop and refine policy documents as may be required. There may also be a need for review of SLAs with both upstream and downstream business associates and discussions with the representatives of such organization on their own compliance readiness.

During the implementation, manpower sanitization of GDPR requirements may be one of the implementation requirements.

Phase III: Audit

Monitor& control current and future GDPR compliance

Training Services

TGroup is a Global training and consulting Services Company offering expertise in IT and GRC .

Headquartered in Bangalore India., the hub of software technology – T Group has carved a niche for itself in the IT and GRC industry. With offices in India T Group provides consulting to small, medium and large organizations on end-to-end solution for their IT and GRC needs. T Group has consultants in IT and GRC  with expertise on various domains and tools covering gamut of operations, providing cost-effective and quality IT and GRC services for the industries through consulting, outsourced DPO services. We help organizations take full advantage in maintenance and can serve as an extension to your team to speed up the IT and GRC process. Our services include (but are not limited to) setting up an account on DPO, developing/customizing framework and integrating with IT and GRC requirements, creating, executing documentation.



GRC Consulting Services

We do have a host of consulting services for organizations ranging from manufacturing to IT/ITeS to supply chain to logistics covering different industry segments like healthcare, banking, insurance, services, automotive etc.

We help organizations to understand where they are, understand their objectives, priorities, weaknesses and strengths through a SWOT Analysis. Then, basis their priority, help them in  bridging the gaps by recommending and supporting implementation of a set of appropriate actions.

We extend consulting on

  • Information Security Management System based on ISO27001
  • SSAE 16 (SOC1,2,3) Compliance Requirements 
  • Compliance Management System based on SOx, PCI-DSS, HIPAA, FDA QSR
  • Risk Management System based on ISO31000 and MoR (Management of Risk)
  • Project Management Framework bases on PMBoK and PRINCE2
  • Service Management System based on ISO20000
  • Quality Management System based on ISO9001, TS16949, TL9000, ISO13485
  • Bridging the gaps in any process management system audit

DPO As A Service

The General Data Protection Regulation (GDPR) makes it compulsory for some organizations to appoint a data protection officer (DPO), an expert in data protection law and practice.


  • Takes over the role of the Data Protection Officer in an organization in line with GDPR requirements
  • Serves as an independent expert inside an organization
  • Deals with privacy and data protection issues and offers internal advice
  • Trains staff on data protection matters and raises privacy awareness
  • Conducts all relevant communications with the Data Protection Authorities
  • Aids or deals with customer communications on privacy and data protection matters