Compliance Audit Reporting (print ref: Part 3, Section 4)
The results of the Data Protection Audit must be documented in a formal manner and presented to the organisation at the end of the Audit. If the results of the Audit are documented correctly the organisation will be provided with much valuable information about the status of its Data Protection System and in particular:
- A formal record of what areas of the organisation were audited and when.
- An indication of those areas of the organisation that appear to comply with the requirements of the Data Protection Act.
- Details of those areas of the organisation that appear not to comply with the Act together with reasons for each non-compliance and their associated significance/risk.
- A suggested programme of corrective action including target dates to rectify any non-compliances found
The five key aspects of Compliance Audit Reporting are covered in the sections that follow and are also illustrated in flow chart form in Figure 3.6(below).
Fig. 3.6: Compliance Audit Reporting
Return to top
|