An audit on compliance with the Data Protection Regulation (GDPR), an ISAE 3000, is the result of a review to assess whether the company complies with the Data Protection Regulation.
The reason for having an ISAE 3000 GDPR made in relation to the Data Protection Regulation may be a requirement from one or more customers; alternatively that the company itself chooses to have it prepared to signal credibility and security to stakeholders and potential customers.
During the preparation of an ISAE 3000 report, strict requirements are set for different areas:
- Is all use of personal information logged?
- Can unauthorized persons access personal information?
- Have the employees received the necessary instructions regarding the handling and processing of personal data?
- Are there any instructions that determine the responsibility for input and output data material?
- When servicing, repairing or disposing of media that contains personal data, is it done in a reassuring way?
We are proud to present the ISAE 3000 report for twoday A/S, under which Addo Sign operates. Read the full report here: