Audit and Mapping
With the DPO Consulting audit service, organizations can carry out internal audits or audits of subcontractors in order to verify their compliance with data protection legislation and identify any non-compliance situations.
Key elements of the audit process:
The main stakeholders, the personal data processed and its collection process;
The categorization of data, its systematization, hierarchization, location and respective flows
The information security measures implemented and their risk adequacy.
Data mapping is critical for organizations and enables them to gain a deeper understanding of their own processes and the personal data involved in them.
Mapping, in particular through the Register of Processing Activities, which is mandatory under the GDPR, obliges companies to:
Identification of the personal data processed;
Analyze the security measures planned and actually implemented;
Understand the data life cycle, its interdependencies and access;
Assess the legitimacy and necessity of the processing of personal data carried out by the organization.
