Guidance Notes – Data Protection Audit

Data Protection Audit Guidance Notes (GDPR)


These Data Protection Audit Guidance Notes have been designed to assist businesses in compliance with the EU General Data Protection Regulation – the GDPR – which comes into force on 25 May 2018.

Please note that as the GDPR has only been in effect for a short time, detailed official guidance and best practice are still being established. Consequently, we have designed this as a living document, meaning that as more official guidance and best practice becomes established over the coming months, we may make alterations and enhancements to this template to better reflect them.

The GDPR represents a significant modernisation of data protection law and one that takes into account significant new developments in technology and new uses of personal data that simply did not exist at the time of the previous legislation, the Data Protection Act 1998.

An essential starting point in complying with the GDPR, and being able to demonstrate that compliance, is a data protection audit, assessing the current state of play within your business, determining the degree to which your current practices align with the requirements set down in the GDPR, and identifying areas for improvement.

These Guidance Notes are designed to be used in conjunction with our Data Protection Audit template, available here, and provide important background information to each section in the audit.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.