iSecure logo
GDPR Seminars

GDPR audit and data processing risk assessment in practice

A GDPR audit is one of the most popular phrases on Google when searching for something to do with data protection. These types of audits became extremely popular in 2018, when the EU regulation was knocking on the doors of many organisations that had previously been almost completely unaware that data protection regulations had already existed in Poland since 1997.

Our company has been conducting data protection audits since 2010. We know the whole process from the practical side. We have become familiar with the challenges that an auditor encounters during an audit and have developed specific solutions in response. We are able to identify risks, assess the risks and suggest how to deal with these risks (in particular how to minimise them). So one could say we have a wealth of experience in this field, which we are happy to share.


- you know the basics of GDPR,

- you do not want to make another "GDPR resume" once again or spend most of the training repeating definitions,

- you simply want, as a DPO, to do your job well and carry out decent GDPR audits and data processing risk assessments,

- you expect concrete information and practical answers, as well as useful materials,

sign up for our training!


We know the theory, but we are practitioners. We can not even count how many data protection compliance audits we have completed. Risk assessments, on the other hand, are part of our daily work, backed up by years of experience. We know what specifically causes difficulties in their implementation.

To meet your expectations, we have prepared a unique training course, full of specifics, during which you will gain a lot of practical knowledge and a mass of answers to your questions!  



  • practical knowledge - a step-by-step discussion on how to prepare and execute a GDPR audit and carry out a risk assessment to then move on to the implementation of the specific requirements under the EU regulation,
  • a certificate of completing the training,
  • training materials (presentation and recording of the training),
  • an accessible form of training - online, from a place that is most convenient for you,
  • the opportunity to exchange experiences with other training participants,
  • free GDPR support (the participant can take advantage of 1 hour of advice - up to one month after the training),
  • 20% discount on our GDPR e-learning for employees (up to six months after the training),
  • selected ebook for free (from our online shop offer) and additionally a 20% discount on all our materials in the aforementioned shop - ebooks, training (up to six months after the training).



BLOCK I - GDPR audit  

  1. Purpose of the audit - what can the purpose of an audit be, what types of audits are there (internal, external, processor, etc.), why an audit is needed in an organisation and how to communicate this purpose for the best effect?
  2. Audit plan - what should it include, what are the key elements of an audit plan?
  3. Audit flowchart and how to conduct an audit - practical milestones discussed step by step.
  4. Audit interviews - how to conduct them?
  5. Audit questions - concrete suggestions using audit questionnaires as an example.
  6. Accessing the information needed during the audit - the most common challenges and hints on how to obtain insight or copies of information.
  7. How to describe non-conformities - practical options for indicating non-conformities in a fair and understandable way.
  8. Post-audit report - what should it contain and who should receive it?
  9. Exercise: audit interview in practice.


BLOCK II - Risk assessment of data processing  

  1. Organising the risk analysis process - outlining the essential elements to start with.
  2. Risk assessment methodology - explaining the key points of a risk analysis.
  3. Risk assessment worksheet - discussion of the elements that should be included in such a document.
  4. Actions to take after a risk assessment - guidance on how to proceed depending on the results of the assessment.
  5. Exercise: risk assessment for a selected data processing process.



Online training   

We deliver this training remotely (online) - the trainee connects from a location convenient to him/her. Adequate internet access and comfortable equipment (e.g. computer, headphones - whichever you prefer) are important.

Price: PLN 500 net (23% VAT should be added to the given amount).

Training at this price will be organised if at least 4 participants register.



Submit your participation for the date of your choice below - it's easy, click on the date of your choice and go to order.



Registering for a training course involves placing an order in our shop, so we ask you to go through the following steps to register your participation:

  1. click on the date of the selected training course,
  2. once you have reached the product page (of the selected training), add the training to your basket,
  3. go to the basket by clicking on the graphic with the completed basket or "View basket",
  4. confirm your order (registration for the training course),
  5. fill in and send the order form (registration for the course) in further steps.
Katarzyna Ułasiuk-Delamare
Member of the Board
Newsletter subscription
By adding your e-mail address and confirming "Sign up" you agree to processing your e-mail address by iSecure Sp. z o.o. for the purpose of sending a newsletter about services, events, or other activities of our Company