Helping you understand the flow of personal data within your organisation and implement any remedial actions to improve compliance.
A data protection audit assesses your organisation’s current practices to highlight where any compliance gaps exist, which then allows your organisation to understand the remedial actions that need to be implemented to improve compliance.
A data mapping exercise helps you understand the lifecycle and flow of personal data within your organisation, allowing your organisation to complete its record of processing activities and understand where remedial actions need to be implemented.
There are many reasons for undergoing an audit: you might be preparing your organisation for sale or investment; you may be new to data protection laws and wish to better understand what your organisation needs to do to meet compliance; or you may wish to re-assess/refresh your existing practices. We generally recommend that face-to-face audits are most beneficial for clients; however, we can undergo an audit in any way that suits your organisation best.
We generally recommend that face-to-face audits are most beneficial for clients; however, we can undergo an audit in any way that suits your organisation best. Should you prefer to carry out the audit independently, we can provide you with tailored tools to do this, and we will be on hand to assist with any specific or ad-hoc queries that you may have.
During a desktop audit, we perform the audit remotely and prepare and provide a tailored questionnaire for the organisation to complete. We then review completed questionnaires, alongside any existing written policies, procedures, privacy notices and contracts.
An interview audit involves us interviewing key personnel from the various business functions of your organisation to fully explore the flow of data in the organisation. We also attend your premises to audit the physical security (and test your visitor procedures). As part of this process, we then review the interview responses, physical security findings and all relevant documents.
Following a desktop or interview audit, we will prepare an audit report with our findings. This report includes an action plan for any remediation recommendations, which is presented as a colour-coded traffic light system to assist your organisation to prioritise its road to compliance. We can assist to remedy any compliance gaps identified.
We regularly assist clients of varying sizes and group structures with audits and data mapping exercises. We have assisted clients with multi-jurisdictional audits, and can act as lead counsel when input is required from local solicitors, for example to account for the derogations among EU member states.
Please get in touch with our team to discuss how we can support your business.
Contact UsSign up to get the latest legal insights and podcasts delivered straight to your inbox.
Shortlisted for Firm of the Year at the Scottish Legal Awards 2022.
In 2016, we became one of the first law firms in Scotland to become Living Wage accredited employers.
Winners of Corporate & Commercial Team of the Year and Family Law Team of the Year at the Scottish Legal Awards 2020.
Our Real Estate team won the Property Team of the Year Award at the British Legal Awards in 2018.
Winner of SME of the Year at the Scottish SME Awards 2017, hosted by Scottish Business Insider.
Highly Commended for Commercial Team of the Year at the British Legal Awards 2016.
We are a proud member of the Legal Sustainability Alliance, a network of law firms committed to working collaboratively to reduce our environmental impact
In 2019, MacRoberts achieved Cyber Essentials Plus certification, a UK Government entry-level information security standard.
MacRoberts holds the ISO 9001:2015 certification for Quality Management, the most widely recognised quality management system standard in the world.
MacRoberts holds the ISO14001:2015 certification for Environmental Management, demonstrating our ongoing commitment to environmental awareness.
MacRoberts holds the ISO27001:2013 certification for Information Security, an internationally recognised security gold standard.
Business continuity is a critical element of the Business Management System at MacRoberts and we hold full accreditation with the ISO 22301:2019.
MacRoberts is a member of IP Inclusive, a network of intellectual property professionals working to make our community more equal, diverse and inclusive.
We are active members of the PRIME Programme – an organisation that focuses on ensuring a career in law is open to talent from all economic and social backgrounds.
MacRoberts supports the Scottish Business Pledge, a values-led partnership between Government and business that is based on boosting productivity and competitiveness through fairness, equality and sustainable employment.
We are supporters of the Partnership for Change, a network of organisations and individuals who share a common ambition to improve diversity on boards and in senior leadership.
We are a member of the Employers Network for Equality & Inclusion (ENEI), a UK-based not-for-profit organisation which helps employers build and maintain diverse teams and inclusive cultures through our membership, training, and consultancy services.
In 2022, MacRoberts was awarded enei's Silver TIDEMark. TIDE is enei's self-assessment evaluation and benchmarking tool which measures an organisation's overall approach and progress on diversity and inclusion.
MacRoberts is a Disability Confident employer, and are committed to disability equality across our firm.
MacRoberts fully supports flexible working practices and supports family-friendly working practices.
In 2022, MacRoberts received a Bronze Award in Stonewall's Workplace Equality Index for our commitment to LGBTQI+ inclusivity in the workplace.
MacRoberts is a longstanding member of Scotland Food & Drink, the leading trade association for Scotland's food and drink industry.
MacRoberts is an Associate Member of SELECT, Scotland's largest construction trade association.
