
GDPR Annual Audit

by Adam Brogden

05-Apr-2019 12:03

Implementation of GDPR is not just a one-off exercise, although I fear most companies will treat it as such. GDPR should become part of how you operate. In fact, adherence to GDPR principles should be how you operate. Maintaining compliance in small organisations is difficult. Large companies with dedicated DPOs or Compliance Managers will still have work to do, but it is likely that GDPR compliance will not just get forgotten. Small companies, with limited resources and always too much to do, are unfortunately likely to forget GDPR or push it down the priority stack.

If you completed your GDPR just in time for May 2018, we would suggest that you complete a GDPR MOT. The exact scope depends on you, but I would suggest that you:
  1. Think about your business and consider any changes to it, to how you operate, and to the assumptions we made when you started your GDPR journey.

  2. Review key GDPR documentation and ensure everything is up to date.

  3. Review practical GDPR measures you have taken or need to implement.

  4. Ensure staff training has been completed and check that you have evidence of this.

  5. Look at contracts with third parties [customers and suppliers] you might have or need to have in place.

  6. Anything else you need to consider or concerns you have.

This might sound like a lot of effort, but it is very important and definitely worth it. It will give you an action plan to fix anything that needs fixing and to avoid GDPR issues where possible.

Completing an audit is good practice for any company and will demonstrate commitment to GDPR should you face any sort of investigation.

Good luck all.