Auditing GDPR Compliance

A GDPR compliance audit will determine whether your controls, policies and procedures meet the requirements of the GDPR and, if not, where they need to be improved.

This book provides an easy to follow guide on how to complete a GDPR audit. Most audit questions include additional guidance notes and the relevant GDPR Articles and Recitals.

The audit covers the following:

1. Structure and accountability within your company or organisation.

2. Overview of your data processing operations.

3. Involvement of third parties.

4. Transparency information requirements and ensuring the rights of data subjects.

5. Compliance and risk management.

6. Records management.

7. Use of CCTV Systems.

8. Data breaches.

Compliance with data protection rules is not only a matter of risk minimisation. Compliance can:

- Increase customer and employee confidence in the company.

- Enhance brand image.

- Help in the management of company information.

- Act as a reminder to protect company data and company secrets.

- Facilitate future products and services using such data - customer data is a key asset to the company.

- Add to the value of the customer information and the value of the company

Kieran McLaughlin is a former practising barrister who now works as a data protection and legal consultant.