Guidance Notes - GDPR Data Protection Audit

GDPR Data Protection Audit Guidance Notes


These GDPR Data Protection Audit Guidance Notes are designed to assist in compliance with the EU General Data Protection Regulation – the GDPR – which came into force on 25 May 2018.

The GDPR significantly modernises data protection law, taking into account significant new developments in technology and new uses of personal data that simply did not exist when the Data Protection Act 1998 was written.

A data protection audit is useful starting point in complying with the GDPR, and being able to demonstrate that compliance. The audit enables you to determine the degree to which your current practices align with the requirements set down in the GDPR, and, even more importantly, to identify areas for improvement.

These Guidance Notes are designed to be used alongside our Data Protection Audit template, available here, and provide important background information to each stage of the audit.

Please note that as the GDPR has only been in effect for a short time, detailed official guidance and best practice are still being established. Consequently, we have designed this as a living document, meaning that as more official guidance and best practice becomes established over the coming months, we may make alterations and enhancements to this template to better reflect them.

This document is also available in the IT & Software group under IT & Data Protection Policies.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.