Controller, with the aim of determining compliance with the obligations established by the regulatory regulations by the responsible. Among the purposes of this type of audit, the following can be highlighted: the verification of the level of security for the treatment of personal data subject to treatment; detect possible deficiencies in the company's computer systems; analyze those aspects of data processing to improve and, transmit to the employees of the data controller, the importance of fulfilling the obligations regarding the collection, protection and correct treatment of personal data.
Types of data protection audit there are two types of audit to be carried out by the treatment managers, depending on whether or not they are e commerce photo editing service assumed by them, specifically, we find: internal audit it is carried out by the treatment manager 's own staff who are specialized in personal data protection. These must carry it out in different phases and, subsequently, they will send their reports to other subjects involved in data processing, with the aim that they can implement the measures that are appropriate to alleviate possible deficiencies or mitigate future risks. Inesem business school master in compliance and data protection + 5 ects credits more information in practice, this type of audit is not recommended , since a certain objectivity is lost, as well as requiring specific
knowledge on the merited subject and current regulations. External audit in this case, the audit service is entrusted by the data controller to an external entity, specialized in data protection, whose objective will be to review the internal procedures, the computer systems, as well as the rest of the obligations attributed to them by the legislation. Once each of its phases has been completed, a report must be presented with the result and the proposals to be implemented. Phases of a data protection audit normally, and depending on the types of data