Carrying out a Data Audit

• What kind of data is being collected and stored, where and why?
• Which different parts of Redwood might store their own data?
• How is the data used (i.e. processed) both internally and externally?
• How long is the data retained?
• Who has access to the data both inside and outside of the business?
• What procedures and controls are in place to keep data safe?

It’s likely that our audit will identify some areas where our current data systems or processes are not compliant with the GDPR, and so the final column enables us to identify action that might be required. In some cases, we might decide that data is no longer needed to be held and processed, in other cases, it might be changes to how we store the data or who has access to it.  For a number of cases we may need to clarify in our data privacy policy how you are storing and using the data.

Resources

Below is a Word Template PDF Template (with Example) and Completed Data Audit

Data-Audit Template

Data Audit