Based on the quick positioning results, our team conducts detailed analysis where possible to provide recommendations for organizational and technology changes that must be done by organization to comply with GPDR. Effort, cost, and resources needed for conducting each activity are estimated and plan is prioritized based on the perceived privacy risk, available resources and budget, as well as activities interdependencies. Detail GDPR roadmap is presented and agreed with management.