Many companies have started the potentially lengthy process of auditing their service provider contracts to make sure that they comply with the requirements of the General Data Protection Regulation. One of the requirements of the new GDPR is that you audit all your data processors. This includes the company that destroys your data when you dispose of your redundant IT equipment.
Choosing an ADISA member makes that easier, as they are already subject to unannounced audits which become a matter of public record. So rather than arrange a visit, and work out what questions to ask, and what you should be looking for, just look them up online.
ADISA perform multi-layered audits, including full audits, unannounced audits and forensic audits. Members are reviewed on a consistent basis with ADISA removing members if they do not meet the required standards.
That’s one more headache removed.