Welcome | Services | About Us | News & Events | Testimonials | Contact Us
Assessment & Audit
There are typically three stages to auditing your data protection standards:
​1 Initial meeting with management to review data protection policies and procedures and to agree timing and arrangements for the audit itself.
​2 On site audit, comprising principally of interviews with staff from the various business departments, but also including an inspection tour of your premises, directly observing data handling practice.
​3 An off-site review by us of your existing data protection related documentation, e.g:
- Data protection policies
- Codes of practice
- Privacy statements
- Information security policies
- Access controls
- Incident logs
- Subject access request logs
- Report logs (whether to the DPC or direct to data subjects)
- Training material
- Employment contracts
- Contracts with clients
- Contracts with service providers
The deliverable from our audit is a report on your current state of compliance and recommended measures to address any shortfalls.
We will also provide a gap analysis identifying the areas you'll need to address to make your organisation GDPR ready.
Our data protection audit process is adapted from the audit guidance issued by the Office of the Data Protection Commissioner, which can be found here:
ODPC – Guide to Audit Process, Aug 2014
