Compliance Audit

Boards of management/ETBs should conduct periodic audits of their data protection procedures. In doing so the following procedure is recommended:

  1. Appoint an individual to oversee responsibility for data protection. 
    • This function may be undertaken by the school principal or a member of the board of management,as appropriate. 
    • In the case of records maintained by an ETB, the CEO or his/her nominee (e.g. principal or member of Head Office staff) undertakes this function.
  2. Evaluate current practices and procedures to ensure that they meet the demands of the Data Protection Acts
  3. Conduct a risk assessment using the Compliance Checklist provided. To encourage schools to review existing policy/procedures by a compliance checklist is supplied. By accessing the Compliance Checklist  each school can prepare a relevant, meaningful, and up-to-date Data Protection Policy, supported by robust procedures which are regularly reviewed in line with best practice and good governance.