Securing the data supply chain can be a challenge. Under the GDPR (General Data Protection Regulation), data controllers are liable not just for their own compliance, but also for that of third-party processors.
Contracts and questionnaires, while useful components of any due diligence process, are necessarily limited. Auditing third-party processors is the most effective way to ensure ongoing compliance.
Download this paper to:
- Find out why contracts and questionnaires offer limited assurance;
- Understand the auditing process; and
- Learn what to look for in a third-party audit provider.