Audit Serve’s GDPR (General Data Protection Regulation) Consulting Services

GDPR Post-Implementation Assessment

The GDPR Project Assessment is intended to perform an analysis of whether the proper project initiatives have been deployed to meet the requirements of GDPR which includes the proper interpretation of the articles set forth within GDPR.  The Assessment will render opinions as to whether the project initiatives have been taken far enough based on Audit Serve's GDPR expertise having worked with over 100 organizations.  Testing will be performed of the key project initiatives to ensure consistency of how the GDPR project is administered across an organization.

GDPR Post-Implementation Audit

The GDPR Post-Implementation Audit goes beyond the Project Assessment review and performs an audit (includes complete compliance testing)  of all of the operational functions that were required to be established as part of GDPR such as processing Data Subject Access Rights (DSAR) requests, continued expressed consent processing, data subject notification processes, Processor contract updates and GDPR compliance reviews, Data Breach handling processing and other required areas.  Since audits are based on criteria and GDPR projects are based on the interpretation of the GDPR Articles to establish implementation strategies, the audit would focus of ensuring that an organization consistently implemented solutions based on a defined strategy for each of the GDPR articles.  If an organization is seeking an independent opinion as to whether their organization has implemented the proper GDPR project initiatives, then an assessment engagement should be performed.

Audit Serve can also co-source with Audit Departments to conduct these GDPR Post-Implementation Audits and GDPR Compliance Audits.  

Audit Serve’s Outsourced DPO Services

• Gain understanding of client’s data privacy implementation initiatives to address all inscope data privacy regulations in order to allow Audit Serve to be able to address all data subject rights which can be requested.  For implementation initiatives that are deficient, Audit Serve would be available on a consulting basis to build-out these areas.
• Manage DSAR (Data Subject Access Rights) Requests which includes coordination with Client’s Customer Service team who may be designated to process certain DSAR requests in order to reduce overall costs.
• Coordinate and manage to resolution all complaints received from, and investigations initiated by, the worldwide Supervisory (regulatory) Authorities related to data privacy regulations
• Data Breach Analysis and Coordination
  • Coordinate Data Breach with Regulatory Authority as mandated by Article 33
• Serve as the point of contact for data subjects and supervisory authorities – Article 39 (d)
  • Client will be kept apprised of all interactions
• Monitor organization’s compliance with relevant data privacy rules and monitor data privacy risks arising in your organization’s activities – Article 39 (2) and other global data privacy regulations.
• Raise awareness within your organization of how data privacy laws affect data processing requirements – Article 39 (2).
• Ensure staff are trained on data processing requirements – Article 39 (2).
• Provide advice of data protection impact assessments and ensure they are performed– Article 39 (c).

Next Steps

Complete the Information Request form and Audit Serve will contact you to scope out the GDPR project requirements of your organization and establish a proposal for the engagement.