Privacy audits

We have extensive experience in conducting organisational reviews, focussing on privacy compliance and information management within organisations.

A privacy “audit” provides a detailed examination of both policy and practice, to highlight compliance gaps in the control environment, practices and procedures.

Our privacy audits utilise a number of techniques including questionnaires, paper-based review, face-to-face staff and management interviews, and an examination of systems and processes on the ground.

The result of a privacy audit will generally be a report containing:

• a description of the policies and practices of the organisation relating to privacy and information management
• a ‘map’ of which privacy principles and Acts apply to the organisation
•  risk areas identified in the privacy control environment
•  gaps identified with respect to compliance with the privacy principles
•  prioritised recommendations on how to address the gaps and risk areas

• the NSW Department of Human Services - Ageing, Disability & Home Care
  
• Central Queensland University
  
• the NSW Lifetime Care and Support Authority
  
• the Public Interest Advocacy Centre
• Southern Cross University
• Sydney Catchment Authority
• Carers NSW
• Combined Pensioners & Superannuants' Association

“Thank you so much for your excellent report.  We have already acted on a significant portion of your recommendations”

A client's General Manager, on completion of our privacy audit report