Conduct internal audit to monitor data protection policies

Data protection officer should assist organization to conduct an internal audit to monitor and evaluate the overall implementation of their data protection policies and processes. This could be done by:

• Conducting an internal audit on a periodic basis
• Conducting an ad-hoc walk through and inspection
• Engaging an external party (on a periodic basis or as required) to evaluate implementation
• Obtaining and maintaining certifications for the organization’s data protection measures