How to Conduct a Data Protection Audit
Courses take place in:
London and Dublin
Data protection compliance audits, or reviews, are invaluable for organisations in assessing their current state of data protection compliance. They can identify where the organisation is getting things right, as well as reveal where there are weaknesses which require action or changes to internal procedures.
The Information Commissioner’s Office (ICO) has recommended that regular compliance reviews are undertaken as part of ongoing internal management of data protection.
Compliance reviews can be conducted either internally or by external consultants. Either way, the person conducting the review should go about the task in the most efficient and effective way. This course offers practical guidance on conducting data protection audits/reviews, and covers:
- the purpose of data protection audits/reviews
- deciding what to review: how to identify the areas that are relevant
- undertaking the audit: guidance on the practical methodology as well as how, what and who to ask in relevant staff interviews
- determining whether audited processes meet both data protection requirements and internal policies/procedures
- what to look for when auditing arrangements with third party suppliers
- how to report the results of an audit and how to recommend any remedial action that is needed
- the ICO’s recommendations for conducting audits
Sample checklists and audit templates will be provided to delegates.
It is recommended that delegates attending this course have some existing knowledge of data protection. Those with no existing knowledge should attend Data Protection Essential Knowledge – Level 1 before attending this course.