Abstract
As a prelude, this chapter touches on the definition and indicators of a Data Protection Audit. It then describes its legal and technical prerequisites, such as auditor competence, requirements of the law, requirements of ISO standards and best practice catalogs. The next sections examine the objectives of a Data Protection Audit within corporate development and, subsequently, the conception of a Data Protection Audit. The final and main section draws attention to what I have named the “Practical Guide”—that is, how to manage a Data Protection Audit “step-by-step”.
We always take these audit findings seriously. We are always looking to improve. (Steve Pierce, President of the Arizona State Senate since 10th November 2011 to date)
Notes
- 1. Federal Data Protection Act (“Bundesdatenschutzgesetz” or “BDSG” - as of 1 September 2009), http://www.bfdi.bund.de/EN/DataProtectionActs/Artikel/BDSG_idFv01092009.pdf?__blob=publicationFile. Accessed 1 June 2012.
- 2.
- 3. Based upon W. Edwards Deming. Deming proposed a four-step-process (plan-do-check-act), also known as the PDCA cycle. He believed that a successful quality improvement and management programme would follow the plan-do-check-act cycle of events (Deming 1985).
- 4. Based upon Joseph M. Juran, who suggested the principle and named it after Italian economist Vilfredo Pareto who noticed that 80 % of Italy’s land was owned by 20 % of the population; gradually, the Pareto-Principle has been applied to other relationships and it is nowadays a common rule of thumb in business (Juran 1974).
References
Deming WE (1985) Out of the crisis. MIT Centre for Advanced Educational Services, Cambridge
Juran JM (ed) (1974) Quality control handbook, 3rd edn. McGraw-Hill, New York, pp 2-16–2-19
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Fischer, P.E. (2013). Data Protection Audit: The German Experience. In: Ismail, N., Yong Cieh, E. (eds) Beyond Data Protection. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33081-0_12
DOI: https://doi.org/10.1007/978-3-642-33081-0_12
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33080-3
Online ISBN: 978-3-642-33081-0
eBook Packages: Humanities, Social Sciences and Law; Law and Criminology (R0)