This Full Audit determines whether the organisation has implemented adequate policies and procedures to regulate the processing of personal data. Additionally, the review will ensure that monitoring of personal data processing is carried out by such policies and procedures and identifying and controlling the risks to mitigate data breaches.

It comprises approximately 1600 questions modulated across 17 primary business operational chapters:

    1. Risk Management
    2. Security Policy
    3. Organizational Security
    4. Asset Management
    5. Human Resources Security
    6. Physical and Environmental
    7. Communications and Operations Management
    8. Access Control
    9. Information Systems Application Development and Maintenance
    10. Incident Event and Communications Management
    11. Business Continuity and Disaster Recovery
    12. Compliance
    13. Mobile
    14. Privacy
    15. Software Security
    16. Cloud Security
    17. Privacy by Design