Assessment & Audit

There are typically three stages to auditing your data protection standards:

 

1 Initial meeting with management to review data protection policies and procedures and to agree timing and arrangements for the audit itself.

2 On site audit, comprising principally of interviews with staff from the various business departments, but also including an inspection tour of your premises, directly observing data handling practice.

3 An off-site review by us of your existing data protection related documentation, e.g:

 

  • Data protection policies
  • Codes of practice
  • Privacy statements
  • Information security policies
  • Access controls
  • Incident logs
  • Subject access request logs
  • Report logs (whether to the DPC or direct to data subjects)
  • Training material
  • Employment contracts
  • Contracts with clients
  • Contracts with service providers

The deliverable from our audit is a report on your current state of compliance and recommended measures to address any shortfalls.

 

We will also provide a gap analysis identifying the areas you'll need to address to make your organisation GDPR ready.

 

Our data protection audit process is adapted from the audit guidance issued by the Office of the Data Protection Commissioner, which can be found here:

 

ODPC – Guide to Audit Process, Aug 2014

 

 

Training
Training
Data Protection training, from basic to advanced certificate level
Read More
Assessment & Audit
Assessment & Audit
Assessment & audit of your Data Protection compliance
Read More
Policies & Procedures
Policies & Procedures
Advice & assistance on developing policies & procedures
Read More
DPO
DPO
Get an expert DPO by outsourcing the function to us
Read More
Data Breach Management
Data Breach Management
Personal Data Breach investigation & response
Read More
DPIA
DPIA
Use us to conduct DPIAs & integrate outcomes into your projects
Read More

design: www.onelittlestudio.com