1 / 9

Good Practice Louise Webb, Head of Good Practice Kai Winterbottom, Group Manager Victoria Heath, Group Manager

Good Practice Louise Webb, Head of Good Practice Kai Winterbottom, Group Manager Victoria Heath, Group Manager. Good Practice. Overview Consensual audit programme and scope areas Common areas of improvement Common areas of good practice Other Good Practice work Questions .

osmond
Download Presentation

Good Practice Louise Webb, Head of Good Practice Kai Winterbottom, Group Manager Victoria Heath, Group Manager

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Good Practice Louise Webb, Head of Good PracticeKai Winterbottom, Group ManagerVictoria Heath, Group Manager

  2. Good Practice • Overview • Consensual audit programme and scope areas • Common areas of improvement • Common areas of good practice • Other Good Practice work • Questions

  3. Audits: June 2010 to present

  4. Audit opinion: June 2010 to present

  5. Scope areas • Governance • Training and awareness • Records management • Security • Requests

  6. Common areas of improvement • Monitoring of compliance – with policies and procedures to ensure that they are being followed; with legal obligations in relation to Subject Access Requests • Monitoring of training – to ensure it is fit for purpose and targeted at the required audience • Remote/home working – lack of appropriate checks to ensure security of data

  7. Common areas of good practice • Management framework - to ensure there is effective oversight of data protection compliance. A framework of policies and procedures exist and subject to routine review to ensure they remain fit for purpose • IT security - USB endpoint controls • Records management – knowing what records are held and where, and that records are stored securely and that access to them is controlled

  8. Good Practice • Assessment Notices Code of Practice • Audit of service providers • Self assessment • Advisory visits

  9. Keep in touch Subscribe to our e-newsletter atwww.ico.gov.uk or find us on… • www.twitter.com/iconews

More Related