Supplier audits
You share personal and sensitive data with trusted third parties to deliver the best service to your customers. Under the GDPR (General Data Protection Regulation), you are obliged to monitor these data processors to ensure that they are protecting the data in accordance with your contract.
We can conduct full data protection audits of your suppliers. Simply give us your supplier list and we will take care of the rest:
Allocating risk levels – each supplier will have a different risk level depending on its business and the data it processes.
Designing audit templates and an audit schedule tailored to your business needs and the nature of the processing.
Conducting the audits via a form, a phone call or an in-person visit, depending on the supplier’s risk level.
Reporting the results back to you, including remediation actions if the audit finds anything amiss.

Takes the legwork out of supplier audits.
All of our auditors are experienced in maintaining supplier relationships.
Clear reports you can share with suppliers if you want.
We will also audit against other contractual requirements if requested.
Our audits are designed following the ISO 27001 and ISO 27701 standards. ISO 27001 is the international standard for ISMSs (information security management systems). ISO 27701 is an extension to ISO 27001 that focuses on privacy information management, and includes guidelines for data protection in supply chains.
By following these standards, organisations can ensure that they have a robust information security framework in place, and that they comply with privacy regulations.
Read more about supply chain audits or contact us.