GDPR Audit: Performing third-party audits of data processors on behalf of data controllers.
- Checking the current compliance status
- Ensuring Organisation is meeting the GPDR Principles
- Assessing the staff awareness of their data protection obligations
- Assessing whether the rights of Data Subjects are adequately protected
- Adequacy Audit – checking all the documentation which is already deployed: policies, procedures, codes of practice, guidelines, data protection agreements.
- Compliance Audit – checking if the organization actually operates in accordance with the existing documented policies, procedures, guidelines and codes of practice.
- Checking IT inventory of all IT assets involved in the processing of controller’s personal data to see if they can offer an adequate level of security.
- Agreeing suitable corrective action to remove non-compliances.