Data Protection Auditing
The Data Protection Act authorises the Information Commissioner to determine whether the data controller has complied, or is complying, with the data protection principles. The Information Commissioner can impose a requirement on the data controller to submit to a compulsory audit.
The Information Commissioner has had their powers extended to include fines of up to £500,000.
Our Data Protection Audits include:
- Provision of independent assurance
- Verification that the ‘data protection’ system works and is effective
- Provides a measurement of compliance
- Identifies risks – mitigations and threats
- Increases awareness of data protection among staff
We also offer Website Data Protection and Privacy Audits which assess your company website by reviewing the flows, access to data, the amount of information collected, the marketing of services, the privacy policy and the level of Data Protection compliance.
Benefits of a Data Protection Audit
- Provides companies with an effective means of monitoring, reviewing and auditing their compliance with legislation
- Identifies non-compliance issues (with the Data Protection Act) by mapping and recording the flow of a company’s personal data, from cradle to grave
- Gives companies assurances on their level of compliance with the Data Protection Act, as well as a framework for maintaining and improving compliance against the Act, using the BS 10012 standard
Contact us to find out more.
If you have an information security question or would like to hear from one of our consultants, please call us now