An audit is a comprehensive review of your organisation’s current policies, procedures and contracts - a full review of how your organisation as a whole processes its data. You will be expected to prove how your company’s data is stored throughout its life - the entire process from beginning to end.
The scale and depth of the audit will depend on your current level of compliance, whereas the time it will actually take to complete depends on your company’s size and resources.
When planning any type of audit, the sensible first step is to put together a project team. These often comprise of staff from the compliance, legal, IT, security and HR departments of a business – as these departments already tend to manage the most data day-to-day. The next stage would be to decide who should manage the general organisation of the audit, the accumulation of all the relevant data and the final process of putting it into a clear and concise format. Alternatively, an easy option would be to purchase an auditing tool – to help you compile all the relevant information in one clear place or template.
You should outline your current procedures for obtaining, storing and displaying all data (including personal details and sensitive information) so that the information officer or regulator can easily identify any weaknesses or gaps.
If you have an LMS – such as Enable from Virtual College – auditing becomes so much easier especially when using an integrated auditing tool, such as our Enable Audit. Read our full article to get more information.
Register now for our free GDPR overview.