This can be likened to, why do you measure a room before you purchase a carpet? The answer to both is first, understand what you require, and second, move forward and complete the project. This is where InfoLore’s GDPR audits come in, particularly for businesses in Lincolnshire.
What is a GDPR Audit?
A GDPR audit is an assessment as to whether your organisation is following good data protection practice.
What are the benefits of an Audit?
The main benefit of a GDPR audit is to establish where you are on your GDPR Compliance journey. More importantly, you will benefit from the experience of our Auditors. This is an opportunity for you and your team to ask questions regarding any data protection issues.
Areas an Audit usually covers
We can audit parts, or all of the principles (there are 7) in the GDPR. This can include the Privacy and Electronic Communications Regulations (PECR) and Cyber.
Examples of areas which may be covered in an audit include:
- Looking at the structures, data protection policies and procedures to ensure compliance with legislation.
- Looking at the processes for managing personal data, electronic and manual records.
- How requests from organisations / individuals asking for copies of their personal data are managed and recorded.
- Assessing the technical and organisational measures in place, to ensure there is suitable security for personal data held in any form.
- Data protection awareness and GDPR training, looking at the provision and monitoring.
We will work with you to make sure the audit is part of your GDPR Compliance journey.
How does Info Lore conduct an Audit?
Following an initial meeting we will:
- carry out a site check and interviews with members of staff
- conduct reviews with key team members
- provide recommendations in report form which highlight areas of improvement
What happens to the report?
Once the GDPR audit is complete, we provide you with the comprehensive report. This includes a summary which focuses on risk to your company and your own customers / clients. General observations and priority actions are also included within this report. Giving you a full break down of what you need to improve in order to ensure your business is GDPR compliant.