Data Protection Audit

Are you compliant with GDPR?

Your organisation may have implemented a GDPR program that was fit for purpose in 2018. However, can your organiSation demonstrate continued data protection readiness today, and if so, how?

Audit Packages

Our team of qualified Data Protection Auditors have defined a pragmatic GDPR Audit framework which has been tried and tested across multiple sectors within many different international organisations.

We offer both a 360° audit package as well as specific audit packages which focus on e.g. Legal, Data protection by design & by default, Accountability, Data subject rights or even a GDPR verification audit which looks under the hood of your (or your processors) organisation, verifying that personal data is actually processed in the way described. More information can be found on our separate audit website: DPAudit.com.

How can this Data Protection audit help Your organization?

An independent audit assists organisations in demonstrating their GDPR readiness/adherence by performing an in-depth audit of related activities which includes:

an audit and an assessment are different things - we should therefore refrain from using the word "assessment" in this section.

Delivering an objective audit by our certified Lead Auditors.

Identifying non compliances and defining their risks

Discuss potential options to overcome the non-compliances in an audit you can not advice on a way forward officially

Verification by means of automated personal data discovery to validate data processing activities, policy adherence etc.

Providing insights in your GDPR readiness.

How we go about this audit

Based on executing different audits, we have refined our framework and methodology. We cover each of the data protection areas and execute in an efficient and transparent manner.

Plan

-Background and ambitions of this exercise

-Current risks

-Define Scope

Prepare

-Define audit schedule

-Identify stakeholders

-Desktop research

-Decide on tool to use

Audit

-Perform audit

-Perform audit validation (optional using discovery technology)

-Close out any open questions

Report

-Develop Report

-Map to maturity capability (optional)

-Present to Team and Board

Delivery

-Roadmap projects include individual cost estimates & total value estimates

Follow-up

-Advisory

-Training & Workshops

-Specific consultancy

Expected Results

Our Team of Certified Lead GDPR Auditorswill work closely with your stakeholders in a trusted and efficient manner, audit should be objective and can not take sensitivities into account (should also refrain from too much culture).

The end result is an audit report that clearly outlines how GDPR ready your organization is.

this is exactly what we can not do during an audit (only during an assessment) – that’s why we have Quadata doing audits while we provide advice on the work that’s needed to become GDPR ready.

The audit report is typically delivered within an 8 week timeframe.

What makes us different?

Our Team of certified lead auditors are unique in a way that they are both legally qualified and have a technical background.

In addition to this, our team is also well versed in Data Management and it’s related technologies. This combination helps to understand your business faster and provide a more qualitative audit report. Data Trust Associates has implemented many Data Protection programs internationally.

as mentioned above: we can not provide advice during an audit.

Ask an expert

Christoph Balduck

Discover how the company, “De Lijn” has increased their customer satisfaction with 50%

Discover the case