Best Practice Update

Checklists in navy text by Data Protection Education. Data Protection Services badge.  The DPE Knowledge Bank on a laptop screen

Product Focus on Checklists : Supplier Due Diligence

All of our customers have access to the DPE Knowledge Bank which has a Best Practice Checklist area.  Each checklist is designed to help you walk through all aspects of data protection.
The checklist will give you an insight about where your organisation is with data protection from a data privacy and technical security perspective. The checklists form part of the Best Practice library which includes contextualised guidance, documents and resources on specific areas of data processing.  The checklists form part of the ICO Accountability Framework which helps organisations with their governance and corporate risk management where it relates to data protection.    The checklists cover all aspects of the framework, enabling you to assess against organisation baselines:

  1. Leadership & Oversight
  2. Risk Management (DPIA's)
  3. Policies & Procedures
  4. Individual Rights
  5. Contracts & Data Sharing
  6. Transparency
  7. Training & Awareness
  8. Records Management
  9. Monitoring Verification & Reporting (Data Breaches, SARs and FOI's)
  10. Response & Enforcement (SARs and FOI's)

Supplier Due Diligence

The Supplier Due Diligence checklist covers basic questions when starting on third party supplier due diligence. It links to the Supplier Due Diligence Best Practice Area which discusses the responsibilities of the controllerwhen using a processor.  There is help and advice about how to go about asssessing the risk when sending data to a third party processor, and our supplier due diligence form which can be sent to new suppliers for assessment - we can help you assess the risk. If you receive a completed form, then email This email address is being protected from spambots. You need JavaScript enabled to view it..

Answer a sample Supplier Due Diligence checklist question:

Have you completed a risk assessment/RoP?

Invalid Input


Amazing, you have ticked off an important item on the supplier due diligence checklist:

For further help and guidance and access to the full checklist, please contact This email address is being protected from spambots. You need JavaScript enabled to view it..




Your organisation should have completed some due diligence on each supplier or third party that you share personal data with.  Contact your data protection lead or DPO for further advice.

Clipart cartoon with headphones on Please contact us for more help and advice about data protection compliance and cyber security standards: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice. 

 


Try asking the data protection lead in your organisation, or SLT digital lead or contact your DPO:

We can provide help and guidance with data protection compliance, cyber security standards and records management: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice.




DPE customers can get started on completing the Supplier Due Diligence checklist here:

Search