Within this service, the ESKOM experts carry out a comprehensive inspection of the Organisation in terms of compliance of activities related to processing of personal data with the GDPR requirements (Regulation of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – General Data Protection Resolution). It is worth to mention that GDPR regards all legal and physical entities which determine the purposes and ways to process personal data. All enterprises which run business on the territory of the European Union are subject to those regulations.
Auditing activities will be implemented in three stages:
Observation and collection of data from the examined Organisation (i.a. presumptions for the lawfulness of personal and sensitive data processing, scope and purpose of data processing, information obligation, safety of IT systems).
Analysis and possible supplementation of the material. ESKOM will assess the collected material in respective fields based on self-developed, detailed indicators. Recommendations will be prepared, implementation of which will enable obtainment of compliance with requirements.
Development of results and presentation of recommendations. Results of the analysis can be developed in form of a document indicating a percentage level of obtainment of compliance with the requirements. In addition, confirmations of meeting the requirements and recommendations will be presented, in case of necessity to undertake corrective activities. Material will also be discussed with representatives of the Organisation during the workshops summing up the audit.
GDPR Audit – profits:
Frequent consequence of the carried out audit is a set of recommendations, which the Organisation should meet in order to meet the compliance with requirements. ESKOM, at the request of the Client, can prepare a detailed plan of action, which should be undertaken in order to fill in the recommendation. In addition ESKOM may perform the following tasks, such as:
Performing a risk assessment and developing technical and organizational requirements, adequate to the required level of data protection.
Development of data processing documentation.
Top quality and security