Data breaches can have any number of causes, and the circumstances around a breach are not always immediately clear. A data breach could be any situation where personal data is not confidential or available, or is incorrect or incomplete. Under the GDPR (General Data Protection Regulation), many data breaches must be reported to the ICO (Information Commissioner’s Office) within 72 hours of becoming aware of the breach, with a detailed follow-up required. Internal investigations are time-consuming, and many organisations do not have the in-house expertise required to find out the exact cause of the breach.

Our Data Breach Audit service delivers an independent assessment of the circumstances surrounding a data breach, enabling your organisation to deal with the data breach effectively and within the confines of the GDPR. The audit can also validate that process changes following a breach have been effective.

Find out more about our Data Breach Audit below, or fill in the form below to speak to an expert within one working day.

What will the Data Breach Audit involve?

The Data Breach Audit can provide a full assessment of the data breach, independently verify the events of a data breach, or validate process changes following the breach.

1.

Initial breach briefing

We will work with you to understand the causes and consequences of the data breach as far as your organisation is aware, before creating a bespoke audit scope.



2.

The audit

Our experienced auditors will work with your staff and any third parties to ascertain the circumstances of the breach, including where possible:

  1. Understanding how the data was made non-confidential or unavailable, or was altered;
  2. Confirming who was involved, whether internally or a third party;
  3. Understanding the length of time that the data was non-confidential, unavailable or altered;
  4. Ensuring that the data breach has been contained and files deleted, restored or corrected as necessary; and
  5. Validating processes that have been corrected following the breach.

3.

The report

You will receive a data breach audit report detailing everything the investigation found regarding the breach.


This service is fully customisable according to your organisation’s needs. We can also provide related services such as auditing specific computers to see if they have access to the breached data or auditing your dataset to highlight errors and help restore it. Depending on your requirements, we can also include legal advice relating to your data breach from our sister company GRCI Law, or a full forensic investigation through a partner company.

Bespoke Solutions

Service benefits

  • Get a full review of the data breach to comply with the GDPR’s breach reporting requirements.
  • Prove to the ICO that you are doing all you can to investigate the breach.
  • Get an independent validation of your breach investigation findings.
  • Reassure customers and stakeholders that you take data protection seriously.
  • Prevent similar breaches by fully investigating and rectifying the circumstances of your current data breach.

Speak to an expert about our Data Breach Audit service today

Simply fill in the form to speak to us within one working day.

Speak to an expert