Undertaking an audit and gap analysis is a great way to assess your organisation’s compliance levels with General Data Protection Regulation (GDPR). It allows you to assess critically what information your organisation processes as a whole and to identify any steps you need to take to become and stay compliant with GDPR/ and the Data Protection Act 2018. It is a process that we recommend you undertake at the commencement start of your preparations and regularly thereafter, e.g.for example yearly, to ensure compliance continues to be met. Issues of non-compliance can be input into a Work Plan and categorised according to risk, providing a ‘to do list’ for compliance.
How Thorntons can help
Taking into consideration GDPR, DPA the Data Protection Act 2018 and Information Commissioner’s Office (ICO) guidance, we have designed our own GDPR Audit and Gap Analysis Toolkit that can be used to create your Work Plan, which prioritises the actions you have to take as an organisation to achieve and maintain compliance. The toolkit includes a staff questionnaire, audit questionnaire, template Work Plan and Excel spreadsheet to record processing activities.
You can use the toolkit in two different ways:
- Complete the documentation yourself using the toolkit. This costs £750 plus VAT, which includes an hour’s consultation with a member of our team to discuss any queries you may have.
- Our data protection experts undertake the audit on your behalf using the toolkit. The cost for this will vary depending on the size and complexity of the organisation and processing activity.
For more information on GDPR requirements see our What is GDPR? page.
If you would like further information on how Thorntons can help your organisation with an Audit and Gap Analysis project, please call us on 01382 229111 for practical advice and support. Or complete our online enquiry form and an expert in our Data Protection and Information Security Team will call you back.
Our specialist Data Protection lawyers are on hand with clear advice and help for you on all aspects of GDPR.
Meet the Experts
Our Data Protection and Information Security team are ready to provide practical and commercial advice.