Law Services for Businesses Auditing & Data Mapping

Helping you understand the flow of personal data within your organisation and implement any remedial actions to improve compliance.

Understanding the flow of personal data within your business

A data protection audit assesses your organisation’s current practices to highlight where any compliance gaps exist, which then allows your organisation to understand the remedial actions that need to be implemented to improve compliance.

A data mapping exercise helps you understand the lifecycle and flow of personal data within your organisation, allowing your organisation to complete its record of processing activities and understand where remedial actions need to be implemented.

Why do a data protection audit?

There are many reasons for undergoing an audit: you might be preparing your organisation for sale or investment; you may be new to data protection laws and wish to better understand what your organisation needs to do to meet compliance; or you may wish to re-assess/refresh your existing practices.

We generally recommend that face-to-face audits are most beneficial for clients; however, we can undergo an audit in any way that suits your organisation best.

Should you prefer to carry out the audit independently, we can provide you with tailored tools to do this, and we will be on hand to assist with any specific or ad-hoc queries that you may have.

Desktop data audit

During a desktop audit, we perform the audit remotely and prepare and provide a tailored questionnaire for the organisation to complete.

We then review completed questionnaires, alongside any existing written policies, procedures, privacy notices and contracts.

Yuill and Kyle employees meeting round a table

Interview audit

An interview audit involves us interviewing key personnel from the various business functions of your organisation to fully explore the flow of data in the organisation. We also attend your premises to audit the physical security (and test your visitor procedures).

As part of this process, we then review the interview responses, physical security findings and all relevant documents.

Reporting and remediation

Following a desktop or interview audit, we will prepare an audit report with our findings. This report includes an action plan for any remediation recommendations, which is presented as a colour-coded traffic light system to assist your organisation to prioritise its road to compliance.

We can assist to remedy any compliance gaps identified.

How can we help you?

We regularly assist clients of varying sizes and group structures with audits and data mapping exercises. We have assisted clients with multi-jurisdictional audits, and can act as lead counsel when input is required from local solicitors, for example to account for the derogations among EU member states.

Please get in touch with our team to discuss how we can support your business.

Contact Us

Related Services

  • Data Protection & Cyber Security

    Our team advises clients on the full range of data protection matters to ensure your business is fully compliant with the law.

    Data Protection & Cyber Security
  • Data Breaches

    Our team can assist you in understanding whether your business has suffered a data breach and, where appropriate, advising on the next steps.

    Data Breaches
  • Policies & Documents

    We have a number of template policies and types of documentation to help your business comply with data protection law.

    Policies & Documents
  • Big Data & Technology

    Our team advises on the deployment of big data technologies in compliance with data protection law.

    Big Data & Technology
  • International Reach

    We can help you ensure your data processing activities are fully compliant with GDPR and the UK Data Protection Act worldwide.

    International Reach of Data Protection Law
  • Cyber Security

    Our team can advise you on full compliance with the requirements to ensure your business is not at risk of cyber crime.

    Cyber Security & Cyber Crime

Our Awards & Accreditations

  • In 2016, we were one of the first law firms in Scotland to become accredited Living Wage employers.

  • Shortlisted for Firm of the Year at the Scottish Legal Awards 2022.

  • Winners of Corporate & Commercial Team of the Year and Family Law Team of the Year at the Scottish Legal Awards 2020.

  • Our Real Estate team won the Property Team of the Year Award at the British Legal Awards in 2018.

  • Winner of SME of the Year at the Scottish SME Awards 2017, hosted by Scottish Business Insider.

  • Highly Commended for Commercial Team of the Year at the British Legal Awards 2016.

  • In 2019, MacRoberts achieved Cyber Essentials Plus certification, a UK Government entry-level information security standard. 

  • MacRoberts holds the ISO 9001:2015 certification for Quality Management, the most widely recognised quality management system standard in the world.

  • Iso 14001 2015 Environmental Management

    MacRoberts holds the ISO14001:2015 certification for Environmental Management, demonstrating our ongoing commitment to environmental awareness.

  • MacRoberts holds the ISO27001:2013 certification for Information Security, an internationally recognised security gold standard.

  • Business continuity is a critical element of the Business Management System at MacRoberts and we hold full accreditation with the ISO 22301:2019.

  • MacRoberts is a member of IP Inclusive, a network of intellectual property professionals working to make our community more equal, diverse and inclusive.

  • We are active members of the PRIME Programme – an organisation that focuses on ensuring a career in law is open to talent from all economic and social backgrounds.

  • MacRoberts supports the Scottish Business Pledge, a values-led partnership between Government and business that is based on boosting productivity and competitiveness through fairness, equality and sustainable employment.

  • We are supporters of the Partnership for Change, a network of organisations and individuals who share a common ambition to improve diversity on boards and in senior leadership.

  • We are a member of the Employers Network for Equality & Inclusion (ENEI), a UK-based not-for-profit organisation which helps employers build and maintain diverse teams and inclusive cultures through our membership, training, and consultancy services.

  • MacRoberts was awarded enei's Silver TIDEMark for 2023. TIDE is enei's self-assessment evaluation and benchmarking tool which measures an organisation's overall approach and progress on diversity and inclusion.

  • MacRoberts is a Disability Confident employer, and are committed to disability equality across our firm.

  • MacRoberts fully supports flexible working practices and supports family-friendly working practices.

  • In 2022, MacRoberts received a Bronze Award in Stonewall's Workplace Equality Index for our commitment to LGBTQI+ inclusivity in the workplace.

  • MacRoberts is a longstanding member of Scotland Food & Drink, the leading trade association for Scotland's food and drink industry.

  • MacRoberts is an Associate Member of SELECT, Scotland's largest construction trade association.