The GDPR audit helps the organisation to determine if data processing in the organisation is in compliance with the data protection regulation and make any necessary amendments in case of non-compliance.
The methodology used in General Data Protection Regulation (GDPR) compliance audit has been developed by Grant Thornton. The compliance audit is carried out using structured questionnaires, and it involves checking any relevant documents and if necessary conducting observations on site.
The resulting audit report contains:
- a list of data protection requirements,
- observations of auditors
- appropriate risk management measures to take