GDPR (personal data protection) audit

We offer you a review of your personal data protection systems, with the purpose to examine the compliance of operation of your company or institution with the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR).

At the end of the service provision, a confidential report will be drawn up for you, and the conclusions therein will allow you to identify any irregularities in the personal data protection system previously in place. The report also includes recommendations regarding solutions to ensure data security.

Audit stages:

Stage I – Preliminary diagnosis.

Stage II – Inventory of personal data sets:

  1. Analysis of the rules for collecting and updating data.

Stage III – Identification of IT systems that process personal data:

  1. Verification of compliance with the security requirements for IT systems processing personal data (as required by the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR).
  2. Assessment of the security measures of the personal data processing area;
  3. Verification of correctness of management of the IT system in which personal data are processed;
  4. Analysis of correctness of operation of personal data processing systems;
  5. Evaluation of procedures for sharing personal data.

Stage IV – Verification of completeness of the documentation in light of the regulations:

  1. Verification of the security policy adopted for the processing of personal data;
  2. Assessment of the procedure to follow in the event of personal data protection violation;
  3. Verification of the activities related to the training policy and sharing access to personal data
  4. Verification of fulfilment of the information obligation – correctness of information clauses and statements on personal data collection forms.

Stage V – Verification of applications and IT systems that process personal data.

Stage VI – Preparation of the final report.

The price of the service is determined individually and it depends on factors such as the size of the company or institution and the level of complexity of the solutions implemented.

Ask for details

public.common.backtop