I believe that an audit is an efficient way to improve the effectiveness of a company. A proper audit should lead to a good understanding of the requirements imposed on a company by law and standards, and to meeting them fully.
I conduct 2 types of audits, combined or separately.
Personal data protection legal compliance Audit, which contains:
- Verification of documents connected to personal data protection and information security procedures in terms of their compliance with legal requirements, effectiveness and updates,
- Analysis of personal data processed in the company in terms of the legitimacy, scope and purpose of data processing, as well as the accuracy of the data,
- Verification of technical and organizational safety barriers for personal data protection,
- Verification of physical safety barriers and IT infrastructure,
- Check of safety of personal data files,
- Verification of personal data files registration,
- Verification of employee awareness of personal data protection and of training effectiveness,
- Verification of employee privacy statements and personal data processing during the recruitment process,
- Verification of company agreements to determine the potential necessity of preparing an agreement on entrusting personal data processing.
ISO 27001 compliance Audit (Information Security Management).
The result of the audit is a report, which describes the level of compliance with the ISO standard requirements.
Recommendations for corrective actions are also included in the report.
Should you have any questions concerning audits, please contact:
Tel.: +48 517 55 11 71