GDPR Data Protection Audit Guidance Notes
These GDPR Data Protection Audit Guidance Notes are designed to assist in
compliance with the EU General Data Protection Regulation – the GDPR – which came into force on 25 May 2018.
The GDPR significantly modernises data protection law, taking into account
significant new developments in technology and new uses of personal data
that simply did not exist when the Data Protection Act 1998 was written.
A data protection audit is useful starting point in complying with the
GDPR, and being able to demonstrate that compliance. The audit enables you
to determine the degree to which your current practices align with the
requirements set down in the GDPR, and, even more importantly, to identify
areas for improvement.
These Guidance Notes are designed to be used alongside our Data Protection
Audit template, available here, and provide important background
information to each stage of the audit.
Please note that as the GDPR has only been in effect for a short time, detailed official guidance and best practice are still being established. Consequently, we have designed this as a living document, meaning that as more official guidance and best practice becomes established over the coming months, we may make alterations and enhancements to this template to better reflect them.
This document is also available in the IT & Software group under IT & Data Protection Policies.
Once you have purchased access to the appropriate document folder click on
the “Download Document” link below. You will be asked what you want to do
with the file. It is recommended that you save the document to a location
of your choice prior to viewing.