Closing Meeting (print ref: Part 3, Section 4.4)
The purpose of this final meeting is for the Auditor(s) to present their findings to the organisation's key data protection staff. The meeting should be quite brief and it is recommended that the Auditor chairing the meeting should cover the following points:
- Thank the organisation for their assistance, co-operation and hospitality
- Presentation of Audit summary and detailed findings
- Post Audit reporting
- Arranging the nature and timescale for any required Audit follow-up
It is also worth emphasising at the beginning of the meeting that an Audit can only be a snapshot of activities and is therefore subject to the risks associated with sampling. Only a selection of activities was assessed and so there is always a possibility that non-compliances exist in areas not covered by the Audit.
The suggested agenda for the Closing Meeting will be found in Annex D.3 and the key actions for the Auditor chairing the meeting are described below.
Confirmation of Non-compliances
Section 4.2.2 has explained how the details of each Non-compliance found are recorded on a separate Non-compliance Record form. It is recommended that the Auditor read out each one individually during the meeting so that they can be confirmed by the Data Protection Representative and signed off by the Auditor.
Return to top
|
