As part of our DPO services we offer GDPR Compliance Audits to help schools ensure that they are meeting their obligations to the ICO (Information Commissioners Office) and to identify areas where improvements need to be made. This helps cover all processes a school uses in collecting and using personal data.
Due to the sensitivity of the data schools process daily we perform an information audit as part of the roadmap and will check in several times throughout the academic year to check in and perform an audit on any new processes introduced.
As part of the audit, we check the processes against the main principles of GDPR:
These principles act as the foundation of our audits and ensure that the school is covering these as a minimum. Our compliance department adopt a risk-focused approach to the audit process, as part of the roadmap we perform an impact assessment on all necessary process'. This is to look at how we can minimise, the level of risk a school or trust face and suggest suitable steps to make processes more secure. We perform follow ups, to ensure the school is satisfied with the next steps and see if any new processes are in place which require an assessment
