Data protection audit framework
Published by: Information Commissioner’s Office
Description:
Data protection audit framework is designed to help organisations assess their own compliance with key requirements under data protection law.
The framework can be a starting point for you to evaluate how your organisation handles and protects personal information, while helping you to identify the necessary steps to improve compliance with the law.
The framework is an extension of our popular Accountability Framework, and it has nine toolkits covering the following key areas:
Accountability
Records management
Information & cyber security
Training and awareness
Data sharing
Requests for data
Personal data breach management
Artificial intelligence
Age-appropriate design
Each toolkit has a downloadable data protection audit tracker that will help organisations conduct their own assessment of compliance, tracking actions that must be taken in areas needing improvement.
The framework is suitable for large businesses and organisations in the public, private and third sectors.