Are you looking for a legal compliance audit? The purpose of a compliance audit is to compare your organisation to a specific law, rule, code or standard, and determine the degree to which your organisation complies. A compliance audit involves the verification of compliance by your organisation with a law by gathering evidence. An audit is usually conducted after implementation has been done and often results in the auditor certifying compliance or certification by someone. It looks backwards is is about verification and assurance. We have years of experience doing various compliance audits on specific focus areas. We can also do an assessment or gap analysis, but those are something different.
- Protection of Personal Information Audit (to check whether you comply with POPIA)
- Intellectual Property Audit (to identify, protect and enables exploitation of your valuable IP)
- Electronic Process Audit (to ensure that an automatic or electronic process is lawful and binding)
- Plain Language Document Audit (we audit your existing documents and where necessary convert existing documents into plain language without losing legal effect or weakening your rights)
- Social Media Audit (will establish the current state of affairs regards social media and your organisation)
- Website Audit (we ascertain the extent to which the organisation’s website complies with applicable law)
- Monitoring Audit (to check that you are monitoring communications lawfully)
- Electronic Communications and Transactions Audit (to ensure the legality of transactions that you conclude electronically (including contracting by email and SMS), the legal issues around electronic VAT invoices and email)
- Information Sensitivity Audit (to identify what “sensitive” information you possess, what laws apply to such information and how to restrict access to and handle it)
- Document Imaging Audit (to check the organisation’s document imaging practices)
- Access to Information Audit (to check compliance with access to information or freedom of information laws)
- IT Goods or Services Audit (the acquisition, management and disposal of IT goods and services)
- Information Security Audit (to check your compliance with information security law)
We sometimes do a combination of the audits and that is usually called an IT Legal Audit (we audit your compliance with IT law generally).
Our Compliance Audit Process
Our audits normally include us:
- requesting you to send us various documents,
- sending various people questionnaires to answer,
- interviewing various people to discover more information and ask for further clarification,
- assessing the extent to which an organisation is compliant with applicable law, and
- assessing the associated legal risks.
An Audit Report including a Compliance Action Plan
We deliver a practical audit report in plain language detailing the degree to which your organisation complies. It includes our overall impression of your organisation’s degree of compliance, observations, noteworthy efforts and opportunities for improvement. We do not include much advice in our audit reports. Our report also highlights risks and recommends action to be taken in the form of a Compliance Action Plan.