GDPR compliance audit
A GDPR compliance audit covers all activities aimed at delivering an objective and independent assessment of your organisation’s data processing operations and personal data protection system in terms of fulfilling the legal obligations.
We will help you achieve your objectives by conducting a methodical and complex analysis of your personal data protection system through the lens of its compliance with the provisions on the personal data protection of and the ICT environment security, concluded with a report and a set of recommendations.
Actions included in the GDPR audit:
- we analyse all your personal data protection documentation for its compliance and necessary updates,
- we examine the legality of processing the personal data, including special categories of personal data,
- we verify the scope and purposes of processing,
- we verify the essential accuracy of data and their adequacy to the purpose of processing,
- we verify technical and organizational measures to ensure and demonstrate compliance,
- we analyse the security of IT infrastructure (physical and logical protection of IT infrastructure),
- we analyse the security policies, back-ups, authorisations management and we determine their impact on the security level of filing systems, processed digitally,
- we verify the functionality and security of software. In case of any incorrectness we suggest optimal solutions,
- we check the security level of filing systems, processed in a paper form,
- we verify the employee knowledge and awareness on personal data protection,
- we verify your contracts in terms of possible necessity of supplementing them with controller-processor agreements and we advise how to deal with it in the future.
Among others, we delivered audits to the following clients:
The main purpose of the IT audit is to gather information about the IT infrastructure and to point out all irregularities which may compromise security or affect functioning of IT systems.
Actions included in the audit of IT security:
- we analyse the condition of the whole IT infrastructure – network (LAN, WLAN), servers and computers,
- we analyse the configuration of IT systems, software and applications,
- we verify user permissions and authorizations management, an access management and a proper use of licenses,
- we verify your IT procedures for compliance with legal requirements and good practices.
IT consulting and implementation service
We offer consultancy service with respect to IT solutions and we execute implementation projects in the area of IT infrastructure development for systems security.
We offer support in the field of:
- information security of IT systems,
- mobile device encryption (smartphones, tablets, laptops, flash drives...),
- rules of making data backups,
- IT network security,
- users and authorisations management,
- IT risk assessment.
Our other services