idea for the internal audit department - caseware · caseware idea b.v. eemnesserweg 26 3741 ga...

CaseWare IDEA

GDPR COMPLIANCE CHECKER

RELEASE 1.0

USER MANUAL

Copyright © 2018 CaseWare IDEA B.V. All rights reserved. No part of this publication and its associated files may be reproduced, transmitted, transcribed, stored in any retrieval system or translated into any language in any form by any means without the exclusive permission of CaseWare IDEA B.V. IDEA is distributed under an exclusive license by: CaseWare IDEA Inc. 469 King Street West, 2nd Floor Toronto, CANADA M5V 1K4 IDEA® is a registered trademark of CaseWare International Inc. Internet: www.casewareanalytics.com European head office The Netherlands CaseWare IDEA B.V. Eemnesserweg 26 3741 GA BAARN Telephone: (+31) - (0)35 528 04 50 Internet: www.casewareanalytics.eu E-mail: [email protected] Support: [email protected] Office France CaseWare IDEA B.V. 12 Place St Hubert 59000 LILLE Telephone: (+33) - (0)3 5956 0680 Internet: www.casewareanalytics.fr E-mail: [email protected] Support: [email protected]

GDPR Compliance Checker 1.0 © CaseWare IDEA B.V. 2018

Table of contents

1 Introduction. .................................................................................................................................... 4

1.1 The purpose of the GDPR Compliance Checker. ..................................................................... 4

1.2 Prerequisites ............................................................................................................................ 4

1.3 Limitations. .............................................................................................................................. 4

1.4 Installing the program. ............................................................................................................ 5

2 The GDPR-Hitlist in Microsoft Excel format. ................................................................................... 6

2.1 Viewing and editing the GDPR Hitlist.xlsx file. ........................................................................ 6

2.2 Excluding Existing hit list words ............................................................................................... 8

2.3 Case Sensitivity. ....................................................................................................................... 8

2.4 Sorting the Excel File ............................................................................................................... 8

3 Running the GDPR Analysis. ............................................................................................................ 9

3.1 Starting the GDPR Analysis. ..................................................................................................... 9

3.2 Selecting the Microsoft Excel GDPR Hitlist .............................................................................. 9

4 IDEA-databases created by the GDPR Compliance Checker. ........................................................ 11

4.1 The IDEA database: GDPR COMPLIANT outcome ................................................................. 11

4.2 The IDEA database: GDPR Compliance suspects yes ............................................................ 12

4.3 The IDEA database: GDPR Compliance suspects no .............................................................. 13

4.4 The IDEA database: GDPR_HistList ........................................................................................ 13

5 Feedback........................................................................................................................................ 14


1 Introduction.

1.1 The purpose of the GDPR Compliance Checker.

The GDPR Compliance Checker is an add-on for IDEA 10. It can help IDEA users to identify, based on the name of the FIELDS in an IDEA database, whether the IDEA database may contain data that complies with the GDRP are ruling.

IMPORTANT: The GDPR Compliance Checker does not guarantee that data within the IDEA database is GDPR

compliant or not. Upon completion of the analysis of the GDPR Compliance Checker, output in the format of IDEA databases is produced, which can be reviewed by the IDEA user. When a match is found, the fieldname of the appropriate IDEA database will be listed with the status ‘Yes’. If the field name does not match with any of the words in the GDPR hitlist, it will be reported as ‘No’

As an IDEA user, you are responsible for the words in the GDPR-Hitlist Excel file (or any other file(s) you wish to use. The results found by the GDPR Compliance Checker merely indicate that

the FIELDNAME found in the result may or may not comply. You need to properly review each record found.

1.2 Prerequisites

The following prerequisites must be met in order to run the GDPR Compliance Checker. I. IDEA 10.2 or later must be installed on your machine.

II. You must have a Microsoft Excel version installed that supports the “.xlsx” file format.

1.3 Limitations.

I. You must have an ASCII version of IDEA1. II. Currently, the GDRP Compliance Checker works only on desktop projects, IDEAServer

projects will be supported in future releases. III. The “GDPR-Hitlist.xlsx”-Excel file must have the cell A1 with the text “GDPR_HitList” IV. The GDPR Compliance Checker analysies all IDEA databases of the selected folder including all

sub-folders. (Managed- or External Projects). V. When checking for a partial match, the minimum match length of the searched word needs

to be three (3). For example, the checker will not search for partial matches for “IP” due to

length only being two (2), it will however search for partial matches for “dat”.

1 Unicode will be supported in a future release. If you do not know which encoding you are using, you can check in IDEA using the option: File – Help. If you have a Unicode version, it will state that in the right and side of the screen.


1.4 Installing the program.

The GDPR Compliance Checker release 1.0 does not have an installer. After receiving the download zip file, please extract the zip file on your computer. Use the following locations to copy or move the files to their respective locations.

File Name Location

Installation location for the English version of IDEA 10.2 (or later) GDPR V1.ise My IDEA Documents\Local Library\Macros.ILB

GDPR_HitList.xlsx Folder of your own choice, recommended: Other.ILB

Translation file.xlsx My IDEA Documents\Local Library\Other.ILB

GDPR-CCDashboard.idash My IDEA Documents\Local Library\Visualsation.ILB

Installation location for Dutch version of IDEA 10.2 (or later) GDPR V1.ise Mijn IDEA Documenten\Locale bibliotheek \Macro’s.ILB

GDPR_HitList.xlsx Folder of your own choice, recommended: Overige.ILB

Translation file.xlsx Mijn IDEA-documenten\Locale bibliotheek\Overige.ILB

GDPR-CCDashboard.idash Mijn IDEA-documenten\Locale bibliotheek\Visualisatie.ILB

Using the option in IDEA [Macros - Bind to the Ribbon], you can create a button on the ribbon and

add the icon for the GDPR Compliance Checker by pointing to the compiled IDEAScript (GDPR V1.ise)

For the Dutch IDEA users, the option in IDEA is: Macro’s – Koppelen aan Lint

Please note that if you are using Citrix or Terminal server, you may lose your settings on the IDEA

main ribbon due to the fact that the “appdata” folder may be cleaned or reset.


2 The GDPR-Hitlist in Microsoft Excel format.

2.1 Viewing and editing the GDPR Hitlist.xlsx file.

You can use the default GDPR_HitList.xlsx file, create your own or modify the existing one. When the hitlist is located in the Other (Other.ILB) library, IDEA offers you the possibility to view the file. Use your right mouse button to show the available options.

When selecting View, Microsoft Excel opens the file and you are able to make any changes to the content.

IMPORTANT: Do not change the name in cell A1 (it must be GDPR_HitList)

You can add as many columns to the Excel file as you want. However only the GDPR_HitList column will be used for verification.


You can also add fieldnames from your ERP system: Below is an example of an SAP data containing demonstration (fictional) data.

In this example, you can add STRAS and/or ADRNR as FIELDNAMES in the GDPR_HitList column in your Excel file as field that needs to be checked for presence in your IDEA file(s). These can be added to either the “General” sheet or “Custom” sheet.


2.2 Excluding Existing hit list words

The GDPR Compliance Checker will check all the hit words in the Excel file, with the exceptions of:

Cell A1, that must have the name: GDPR_HitList

Any words starting with a “$” sign o This allows you to quickly exclude a word being used to check for a part of a fieldname

in an IDEA database.

In the example above, the word $description is prefixed by a “$”. The GDPR Compliance Checker will not check for DESCRIPTION as a FIELDNAME or as part of a FIELDNAME.

2.3 Case Sensitivity.

You may enter words in upper case or lower case. The GDPR Compliance Checker is not case sensitive.

2.4 Sorting the Excel File

You can sort the file any way you want as long as the first row remains unchanged. Cell A1 must have the name GDPR_Hitlist


3 Running the GDPR Analysis.

The GDPR Compliance Checker analyses all the IDEA databases of the selected folder including all subfolders.

3.1 Starting the GDPR Analysis.

Start IDEA 10.2 (or later).

Either o Go to the ribbon you have defined with the button to the GDPR-IDEAScript and click

on the button

o Go to Macros in the ribbon and select run, next navigate to the folder were the GDPR V1.ise file has been saved and click on open.

3.2 Selecting the Microsoft Excel GDPR Hitlist

The add-on will ask you to select the Microsoft Excel hitlist you would like to use. This file can reside anywhere within your Windows environment. In this example we will use the recommended location (\My Documents\My IDEA Documents\Local Library\Other.ILB) and select the Default

Select the appropriate (default) GDPR_Hitlist.xlsx or another file for the GDPR Compliance

Checker to use.


Click on Open.


4 IDEA-databases created by the GDPR Compliance Checker.

The GDPR Compliance Checker creates either one or three IDEA databases in addition to the imported Microsoft Excel worksheet.

4.1 The IDEA database: GDPR COMPLIANT outcome

This IDEA database has seven fields:

i. FILE_LOCATION: folder path where the IDEA Database has been found ii. FILE: filename of the IDEA Database

iii. FILED: name of the FIELD iv. GDPR_SUSPECT

Possible values are Yes and No i. Yes meaning a (partial) match has been found against the GDPR Hitlist

ii. No meaning it did not find any match against the GDPR Hitlist v. HITLIST_HIT: gives the (partial) match found if GDPR_SUSPECT is “Yes”

vi. REASON_FOUND Possible values are:

i. Partial match found in the fieldname: a word from the histlist was found as part of the fieldname in one of the IDEA databases.

ii. Full match found in fieldname: a word from the hitlist was found matching the fieldname in one of the IDEA databases.

iii. Blank or Empty: no match was found with any of the words from the hitlist. vii. REASON_UPDATED: will have the same value as REASON_FOUND but can be updated.

The field REASON_UPDATED is an Editable Character field. You can edit/modify the comment found or add a comment to an empty field.


4.2 The IDEA database: GDPR Compliance suspects yes




Possible values are Yes and No i. Yes meaning a (partial) match has been found against the GDPR Hitlist

v. HITLIST_HIT: gives the (partial) match found if GDPR_SUSPECT is “Yes” vi. REASON_FOUND

Possible values are: i. Partial match found in the fieldname: a word from the histlist was found as

part of the fieldname in one of the IDEA databases. ii. Full match found in fieldname: a word from the hitlist was found matching

the fieldname in one of the IDEA databases. vii. REASON_UPDATED: will have the same value as REASON_FOUND but can be updated.



4.3 The IDEA database: GDPR Compliance suspects no




Possible values are Yes and No i. No meaning it did not find any match against the GDPR Hitlist

v. HITLIST_HIT vi. REASON_FOUND

Possible values are: i. Blank or Empty: no match was found with any of the words from the hitlist.

vii. REASON_UPDATED: will have the same value as REASON_FOUND but can be updated.


4.4 The IDEA database: GDPR_HistList

This IDEA database has three fields:

i. GDPR_HITLIST: a character FIELDNAME that holds the words that the GDPR Compliance Checker needs to check for.

ii. SOURCE: in the HitList file there are several sheets that hold search words, in this column it tells you were it came from

iii. REMARK: if any remarks are being left in the HitList excel file, they will be displayed here.

iv. A word starting with a “$” sign is excluded from the search.


5 Feedback

We appreciate your input. We will review your ideas and suggestions to improve this add-on. Please send your comments to: CaseWare IDEA B.V. Email: [email protected]

mailto:[email protected]