of personal data protection
A compliance audit of personal data protection means all actions allowing to receive an objective and independent assessment of operations in your organization in terms of fulfilling the legal obligation of personal data protection.
We will help you achieve your objectives conducting a methodical and complex survey, resulting in pointing the potential failures and offering actions to improve efficiency of processes in the area of risk management of information security.
Actions included in the audit of personal data protection:
- we analyze all documentation of personal data protection in terms of its compliance with the law and updates,
- we examine the premises of legality to process regular and sensitive personal data,
- we verify the scope and the purpose of processing,
- we verify the essential accuracy of data and its adequacy to the purpose of processing,
- we verify a technical and organizational system of personal data protection,
- we analyze security of IT infrastructure (physical and logical protection of IT infrastructure),
- we analyze security policies, back-up, authorizations management and we determine their impact on the security level of data sets, processed in electronic form,
- we verify functionality of software and its security. In case of any incorrectness we offer optimal solutions,
- we check the security level of data sets, processed in a paper form,
- we verify knowledge and awareness of employees in the field of personal data protection,
- we verify all signed contracts in terms of possible necessity of completing them with entrustment agreements and we advise how to deal with it in the future.
Among others, the following clients used our services in this scope:
The main purpose of the IT audit is to gather information about the IT infrastructure and to point out all irregularities which may compromise security or affect functioning of IT systems.
Actions included in the audit of IT security:
- we analyze the condition of the whole IT infrastructure – network (LAN, WLAN), servers and computers,
- we analyze configuration of IT systems, software and applications,
- we verify principals of users and authorizations management, an access management and a proper use of licenses,
- we verify the accordance of IT procedures with legal requirements and good practices.
Consulting and IT implementation service
We offer consultancy service in regards to IT solutions and we execute implementation projects in the area of IT infrastructure development for systems security.
We support in the field of:
- information security in IT system
- encrypting of mobile devices (smartphones, tablets, laptops, flash drives...)
- rules of making backup copies of data,
- protection of IT network,
- users and authorizations management,
- IT risk assessment.
Our other services