GDPR Data Protection Audit Template

GDPR Data Protection Audit


This Data Protection Audit is designed to assist compliance with the EU General Data Protection Regulation – the GDPR – in force from 25 May 2018.

For guidance and more detailed background information, please refer to our GDPR Data Protection Audit Guidance Notes, available here. These are designed to be used alongside this audit template and to guide you through the audit, step by step, providing important background information to each section in the audit.

The audit is structured around the core principles of the GDPR and the rights of data subjects. It is designed to assess and evaluate data protection practice and compliance within your business across a number of key areas.

This audit template contains a large number of questions and will require some time to complete; however please note that not all parts will be relevant to all businesses. If a question does not apply to your business, simply write “n/a” in response to it.

Please note that as the GDPR is not yet in force, official guidance and best practice are still being established. Consequently, we have designed this as a living document, meaning that as more official guidance and best practice becomes established over the coming months, we may make alterations and enhancements to this template to better reflect them.

This document is also available in the IT & Software group under IT & Data Protection Policies.

The Data Protection Audit is divided into the following parts:
1. General
2. Privacy by Design
3. Staff Awareness and Training
4. Lawfulness
5. Fairness
6. Adequacy and Relevance
7. Accuracy
8. Data Transfers Abroad
9. Record Keeping
10. Data Retention and Deletion
11. Data Security
12. Data Breaches

This Data Protection Audit is in fixed field format. Simply press TAB to move from one field to the next and SHIFT+TAB to go back. Alternatively, use your mouse pointer to click from one field to the next. This template is not password protected and can be unlocked for further editing if required.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.