|
Closing Meeting Agenda (print ref: Part 5, Annex D, Section D.3)
The purpose of this final meeting is for the Auditor(s) to present their findings to the organisation's key data protection staff and agree any required programme of corrective action. It is recommended that the following outline agenda is used for conducting the Closing Meeting:
Introductions
- Thank the organisation for their assistance, co-operation and hospitality
- Deal with any issues of confidentiality
- Emphasise that the auditing process can only sample the Data Protection System at a particular moment in time
- Ask the management team to defer any questions until after the findings have been presented
Presentation of Findings
- Presentation of the detailed findings which involves:
- Confirmation of each non-compliance found
- Agreement to suitable corrective action for each non-compliance
- Indication of timescales for completion of corrective action
- Ask other members of the Audit Team to report if appropriate
- Presentation of an Audit summary including a judgement of the level of Data Protection compliance achieved by the organisation
- Invite questions for clarification and provide immediate answers wherever possible
Post Audit Reporting
- Explain to the management team the nature of summary report they will receive, e.g. Compliance Audit Report together with associated Non-compliance Reports etc.
- Establish the organisation's requirements for distribution of the summary report
Audit Follow-up
- Agree the nature of any required follow-up visit, e.g. documentation check, partial re-audit or full re-audit
- Arranging the timescale for any required follow-up visit
Return to top
|
|