Data protection audit framework

Published by: Information Commissioner’s Office

Description:

Data protection audit framework is designed to help organisations assess their own compliance with key requirements under data protection law.

The framework can be a starting point for you to evaluate how your organisation handles and protects personal information, while helping you to identify the necessary steps to improve compliance with the law.

The framework is an extension of our popular Accountability Framework, and it has nine toolkits covering the following key areas:

  • Accountability 

  • Records management 

  • Information & cyber security 

  • Training and awareness 

  • Data sharing 

  • Requests for data 

  • Personal data breach management 

  • Artificial intelligence 

  • Age-appropriate design 

Each toolkit has a downloadable data protection audit tracker that will help organisations conduct their own assessment of compliance, tracking actions that must be taken in areas needing improvement.

The framework is suitable for large businesses and organisations in the public, private and third sectors. 

Previous
Previous

Exploring Children’s Rights and AI

Next
Next

Scottish AI Register