 |
Audit Objectives (print ref: Part 1, Section 3)
When carrying out a Data Protection Audit in any area of an organisation the Auditor has three clear objectives:
- To verify that there is a formal (i.e. documented and up-to-date) data protection system in place in the area
- To verify that all the staff in the area involved in data protection:
- Are aware of the existence of the data protection system
- Understand the data protection system
- Use the data protection system
- To verify that the data protection system in the area actually works and is effective
|
|
