GDPR Audit: Performing third-party audits of data processors on behalf of data controllers.

  • Checking the current compliance status
  • Ensuring Organisation is meeting the GPDR Principles
  • Assessing the staff awareness of their data protection obligations
  • Assessing whether the rights of Data Subjects are adequately protected
  • Adequacy Audit – checking all the documentation which is already deployed: policies, procedures, codes of practice, guidelines, data protection agreements.
  • Compliance Audit – checking if the organization actually operates in accordance with the existing documented policies, procedures, guidelines and codes of practice.
  • Checking IT inventory of all IT assets involved in the processing of controller’s personal data to see if they can offer an adequate level of security.
  • Agreeing suitable corrective action to remove non-compliances.