Audit

13 Dec 2018

Audit means the inspection or examination of the processor’s activities and its facilities to ensure GDPR compliance.

Art. 28(3)(h) GDPR state that the terms of the audit always should be regulated in the data processing agreement between the controller and the processor.

When executing an audit, the controller should be able to confirm that the data are being processed in a compliant way. Essential questions that a processor always should be able to answer could be:

What data are collected?
Where are the data stored?
How is the data being protected and documented?
How long is the data stored?
What are the processes for requests from a data subject regarding their rights?

Audit Powers of the Data Protection Authority: How to Prepare
Data Processing Agreement (DPA)
DPO conflict of interest
Data Protection Officer (DPO) guide

Related Terms:

Term: Data Processing Agreement
Term: Audit
Term: Processor
Term: General Data Protection Regulation
Term: Compliance
Term: Controller
Term: Data Subject

European Essential Guarantees Recommendations

Data Protection Officer (DPO) guide

DPO conflict of interest

New SCCs from EU – the Definitive Guide

Legitimate Interest Assessment – all You Need to Know

GDPR article 49 derogations applicable to international transfers

How GDPR Affects Recruitment

Retention Policy – An overview

Audit

Follow to stay updated

most viewed

Schrems II a summary – all you need to know

What is a Personal Data Breach?

Audit Powers of the Data Protection Authority: How to Prepare

trending now

DPO conflict of interest

Schrems II a summary – all you need to know

Extra sensitive data