The Data Breach Audit can provide a full data breach assessment, independently verify the events of a data breach, or validate process changes following the breach.
Initial breach briefing
We will work with you to understand the causes and consequences of the data breach, as far as your organisation is aware, before creating a bespoke audit scope.
The audit
Our experienced auditors will work with your staff and any third parties to ascertain the circumstances of the breach, including where possible:
- Understanding how the data was made non-confidential or unavailable or was altered;
- Confirming who was involved, whether internally or a third party;
- Understanding the length of time that the data was non-confidential, unavailable or altered;
- Ensuring that the data breach has been contained and files deleted, restored or corrected as necessary; and
- Validating processes that have been corrected following the breach.
The report
You will receive a data breach audit report detailing everything the investigation found regarding the breach.
This service is fully customisable according to your organisation’s needs. Depending on your requirements, we can also include legal advice relating to your data breach from our sister company GRCI Law or a full forensic investigation through a partner company.