Cordery has had considerable experience of helping clients assess and review their compliance efforts. Recent examples include:
- devising an internal audit methodology for a leading global healthcare company to assess its liability as a data processor under GDPR. This methodology is used by the organisation’s corporate internal audit team to assess subsidiaries around the world;
- an on-site assessment of a leading technology company to assess their GDPR responsibilities as a data processor. The project included an assessment of one of their data centres in the US;
- audit methodology for Privacy Shield audits.
The team build on the checklist based approach developed by some of the Cordery team almost 20 years ago and outlined in the ‘Managing Risk: Technology and Communications’ book published by LexisNexis in 2004.