Data Privacy Internal Audit Form

Audit Date Auditor Name Department/Unit

Data Collection & Processing

Types of personal data collected Purpose of data processing Data collection methods

Data Access & Security

Access controls in place Security measures implemented

Data Sharing & Third Parties

Is personal data shared with third parties? Yes No List of third parties and purpose

Data Retention & Disposal

Data retention policy in place? Yes No Methods for secure disposal of data

Compliance & Training

Staff awareness of data privacy policies Yes No Last privacy training date

Audit Findings & Observations

Recommendations