 |
Basis of Questions (print ref: Part 4, Section 4.1)
Auditors should remember that all the questions used during an Audit should be based either on the organisation's own data protection system documentation, or the requirements of the Data Protection Act. Therefore:
- Do not refer to "good practice"
- Do not express personal preferences
You are there to check whether the practices and activities throughout the various areas of the organisation comply with the documented data protection system, and whether this adequately meets the requirements of the Data Protection Act.
|
|