| Link(s): | New data protection audit framework launched to help organisations improve compliance | ICO Data protection audit framework | ICO |
Context
The ICO has today launched a new audit framework designed to help organisations assess their own compliance with key requirements under data protection law. The framework will empower organisations to identify necessary steps to improve their data protection practices and create a culture of compliance.
Key points to note and next actions
The audit framework provides firms with a starting point to evaluate how they handle and protect personal information. Whether for senior management, data protection officers, compliance auditors or those responsible for records management or cybersecurity, the framework offers practical tools for building and maintaining strong privacy management. The framework is an extension of the ICO’s existing Accountability Framework, and it has nine toolkits covering the following key areas:
- Accountability
- Records management
- Information & cyber security
- Training and awareness
- Data sharing
- Requests for data
- Personal data breach management
- Artificial intelligence
- Age-appropriate design
Each toolkit has a downloadable data protection audit tracker that will help organisations conduct their own assessment of compliance, tracking actions that must be taken in areas needing improvement.