1ST AND 2ND PART AUDITS
FIRST PARTY AUDIT
First Party Audit or Internal Audit is a tool by which the Organization verifies its position regarding its processes and performance. This type of audit can be carried out by internal resources assigned according to the organization's task or by qualified external auditors to verify compliance on defined requirements. Thus, the purpose of a "First Party Audit" is to highlight the state of the art of the Privacy Management Model, of the audited area/department. The results of the audit are included within the report where the findings of the audit are contained.
AUDIT SECOND PART
The 2nd Party Audit, is a tool by which the commissioning entity (Monitoring Body, Company, Owner or Manager) can request a third party entity, to detect any deficiencies (documental or system) in the privacy organizational model of potential suppliers, services or products to be purchased, so that the principle of compliance with laws, rules or regulations is met. The purpose then of a "Part II Audit" is to highlight to the client the state of the art of the Privacy Management Model, of the audited entity.
THE STAGES OF 1ST AND 2ND PART AUDITS
Document verification
The purpose of this phase is to assess the completeness and compliance of the documental system of the designated area/department (manual, procedures, operating instructions) with the requirements of the relevant legislation on the processing of personal data
State of the art analysis
In this phase, the state of the art of the audited area/department is analyzed through interviews, objective evidence, procedures and operational processes put in place by the organization for the processing of personal data carried out
Findings
The results of the audit are included within the report where the audit findings are contained
Other services