Your business partners, customers, or consumers will increasingly demand evidence that personal data held by your organisation is well looked after. An external Data Protection Audit can go a long way in maintaining trust of your key partners.
- Each audit starts with a scoping meeting. It is important that we have a good understanding of what you wish us to look into, and based on that scope, we agree on the audit plan.
- In our audit work, we rely on our well-established framework that builds on the international standardisation bodies such is NIST, ISO, or AICPA CICA. We may also customise your audit and supplement with local requirements, based on the jurisdiction you operate in, or your sector specific regulations.
- Also, where others may end we will only be mid-way. We don’t finish our audits by stating what does not work. WLC applies its years of operational experience to suggest practical improvements.
We have done many different audits across different sectors and jurisdictions, including:
- GDPR readiness and implementation audits
- Maturity assessments
- Audits of compliance with internal policies
- Regulatory impact assessments
- The GDPR has introduced several new obligations for organisations that process personal data. Irrespective of whether you are a data controller or a data processor you are now obliged to implement technical and organisational measures to ensure that personal data are processed lawfully and securely.
- In addition to mere compliance with the law, all organisations have been made accountable to actively prove that their data practices meet applicable regulatory requirements. A Data Protection Audit is a great procedure to ensure that everything is in its right place at your organisation, or to spot the data protection issues right in time.
Performing an external Data Protection Audit will benefit your company in a number of ways
- A proof of the commitment of your organisation to data protection and the protection of the rights of individuals;
- External and fully independent assurance of your policies and practices;
- A comprehensive identification of data protection risks and practical, organisation specific recommendations to address them;
- The sharing of knowledge with trained, experienced and certified professionals;
- Opportunity to access WLC resources (templates, questionnaires, other materials).