Skip navigation Spacer Spacer Spacer
Data Protection Logo Spacer Guide to Data Protection Auditing

Data Protection Homepage  Bullet  
Audit Guide Homepage  Bullet  
Download print version  Bullet  

What is a Data Protection Audit? Why Audit? Beginner's guide Step-by-step Process Forms and Checklists Site Map

SpacerWhat does an Audit cover? | Types of Audit | Background to the Audit method
Spacer Spacer

Next >

 Spacer
Spacer

What is a Data Protection Audit? (print ref: Part 1, Section 4)

For the purposes of the guide we will define a Data Protection Audit as:

"A systematic and independent examination to determine whether activities involving the processing of personal data are carried out in accordance with an organisation's data protection policies and procedures, and whether this processing meets the requirements of the Data Protection Act 1998".

The key points about Data Protection Audits that can be extracted from this definition are that:

  • They involve a systematic approach
  • They are carried out, where possible, by independent auditors who ideally have received relevant training
  • They are conducted in accordance with a documented audit procedure
  • Their outcome is a documented Audit Report

It is recognised that the smaller organisations may have resource limitations making it difficult to find fully independent auditors or to provide comprehensive training. Further information on this topic can be found in section 1.3 of Part 3.

 Spacer

Next >

 Spacer
Spacer

What is a Data Protection Audit? | Why Audit? | Beginner's Guide | Step-by-step Process | Forms and Checklists | Site Index
Copyright