Are you looking for a legal compliance audit? The purpose of a compliance audit is to compare your organisation to a specific law, rule, code or standard, and determine the degree to which your organisation complies. A compliance audit involves the verification of compliance by your organisation with a law by gathering evidence. An audit is usually conducted after implementation has been done and often results in the auditor certifying compliance or certification by someone. It looks backwards and is about verification and assurance.
We have grouped the issues under main categories:
- Protection of Personal Information Audit (to check whether you comply with POPIA)
- Intellectual Property (to identify, protect and enables exploitation of your valuable IP)
- Electronic Process (to ensure that an automatic or electronic process is lawful and binding)
- Plain Language Document (we check your existing documents and where necessary convert existing documents into plain language without losing legal effect or weakening your rights)
- Social Media (will establish the current state of affairs regards social media and your organisation)
- Website (we ascertain the extent to which the organisation’s website complies with applicable law)
- Monitoring (to check that you are monitoring communications lawfully)
- Electronic Communications and Transactions (to ensure the legality of transactions that you conclude electronically (including contracting by email and SMS), the legal issues around electronic VAT invoices and email)
- Information Sensitivity (to identify what “sensitive” information you possess, what laws apply to such information and how to restrict access to and handle it)
- Document Imaging (to check the organisation’s document imaging practices)
- Access to Information (to check compliance with access to information or freedom of information laws)
- IT Goods or Services (the acquisition, management and disposal of IT goods and services)
- Information Security (to check your compliance with information security law)
We sometimes do a combination of the audits and that is usually called an IT Legal Compliance Audit (we audit your compliance with IT law generally).
Our Compliance Audit Process
Our audits normally include us:
- requesting you to send us various documents,
- sending various people questionnaires to answer,
- interviewing various people to discover more information and ask for further clarification,
- assessing the extent to which an organisation is compliant with applicable law, and
- assessing the associated legal risks.
An Audit Report including a Compliance Action Plan
We deliver a practical audit report in plain language detailing the degree to which your organisation complies. It includes our overall impression of your organisation’s degree of compliance, observations, noteworthy efforts and opportunities for improvement. We do not include much advice in our audit reports. Our report also highlights risks and recommends action to be taken in the form of a Compliance Action Plan.