Scoping the Audit:
We start by talking to you about your compliance program.
- We want to understand why you are undertaking an audit and what outcomes you want to achieve. This helps us to scope the audit to best fit your needs.
- We like to understand where your data protection risks lie and therefore where you need your compliance program to reach higher standards of maturity.
- Based on your input we will suggest an appropriate scope for your maturity model audit.
Audit Preparation and information gathering
Once we have agreed on a high-level scope and you are happy to proceed, we start the audit preparation.
- This involves agreeing the detailed audit schedule for audit interviews and onsite activities.
- We will identify who should be involved in the audit
- We ask you to start gathering the key documents together and get them to us to complete our pre-visit preparation steps.
When we have completed the preparation stage we carry-out the onsite interviews and evidence gathering.
- Our audit is carried out using the CalQRisk compliance tool to provide structure to the onsite phase of the audit.
- Fort Privacy auditors have the right combination of data protection and audit skillsets to evaluate interview responses and evidence to accurately assess your programme.
On completion, we provide an initial assessment of the findings followed up by a detailed audit report.
- Our report provides an assessment of current maturity level and detailed list of actions required to progress to the next level.
- Meeting with the board and management team to review findings.