The Data Breach Audit can provide a full assessment of the data breach, independently verify the events of a data breach, or validate process changes following the breach.
Initial breach briefing
We will work with you to understand the causes and consequences of the data breach as far as your organisation is aware, before creating a bespoke audit scope.
Our experienced auditors will work with your staff and any third parties to ascertain the circumstances of the breach, including where possible:
- Understanding how the data was made non-confidential or unavailable, or was altered;
- Confirming who was involved, whether internally or a third party;
- Understanding the length of time that the data was non-confidential, unavailable or altered;
- Ensuring that the data breach has been contained and files deleted, restored or corrected as necessary; and
- Validating processes that have been corrected following the breach.
You will receive a data breach audit report detailing everything the investigation found regarding the breach.
This service is fully customisable according to your organisation’s needs. We can also provide related services such as auditing specific computers to see if they have access to the breached data or auditing your dataset to highlight errors and help restore it. Depending on your requirements, we can also include legal advice relating to your data breach from our sister company GRCI Law, or a full forensic investigation through a partner company.