Compliance audit and remediation

Our services

Before laying the foundations of a good privacy management programme, you need to assess your organisation’s state of compliance with current data protection legislation.

We have extensive experience in carrying out data protection audits, implementing gap analysis exercises, and undertaking subsequent remediation work to ensure that your organisation is compliant. For us, this is not just a ‘tick-box exercise’; we will assess your organisation’s compliance based on how you use personal data and the risks associated with using it in this way.

Our approach to audit remediation is meticulous. We explore all aspects of data processing within your organisation and benchmark this against current data protection laws and regulations. Any identified gaps are met with observations and recommendations to ensure that your organisation can rectify any areas of concern.

The kick-off meeting and audit strategy

We will get together to establish the scope of the audit and obtain an overview of your organisation’s data processing activities, including a review of the current privacy programme in place.

To develop a complete understanding of the personal data being processed, we will identify key areas of your business where the processing is being undertaken and arrange meetings with individuals in these areas. As part of the kick-off meeting, we will also request copies of documentation to assess your internal compliance with privacy practices mandated in your policies and procedures. Upon completion of the audit, we will provide you with a simple, easy-to-use report containing our observations and recommendations to enable you to remediate any identified gaps.

The remediation project

We will work with you to review the recommendations identified in the audit report and create an executable remediation project plan to ensure that your organisation remedies any deficiencies in compliance with data protection legislation.

Assurance and continuous monitoring

Upon completion of any remediation work, we will carry out an assurance exercise, setting up monitoring processes to ensure that appropriate data protection actions have been fully embedded and are being followed within your organisation.

You might also be interested in these services:

Investor due diligence

Surveying new data protection landscapes before you decide to venture further.

Read more

Privacy management programmes and frameworks

Finding your data protection bearings so you can move forward with confidence.

Read more

Data sharing and overseas transfers

Planning your route to compliance across multiple regulatory territories.

Read more

Can you benchmark your compliance with current data protection legislation and demonstrate your risk awareness?