The General Data Protection Regulation compliance auditing services consist of a series of activities distributed over several days, as described below:
Review of data protection documentation:
- Data Protection Policies.
- Data protection clauses in forms.
- Privacy policies (Web).
- Review of the process of exercising the rights of users: Access, Rectification, Deletion, Data Portability, Limitation or Opposition to its treatment.
Review of status of security measures:
- Data Protection Regulatory Commission.
- Establishing personnel responsible for data protection.
- Notification process of security breaches/violations.
- Handling Register review.
- Risk Analysis review.
- Information security and data protection procedures.
These analysis tasks conclude with the preparation and delivery of two reports indicating the degree of compliance, and the points to be rectified and improved.
In addition, an opportunity to include awareness and training sessions related to the GDPR is provided.
Contact us to request a quote and determine your business needs.