What does this cover?

The ICO have unveiled a new data protection compliance self-assessment tool (the Tool) for small and medium sized businesses.

The Tool contains links to further information and guidance and generates a risk rating which takes into account responses inputted from the user regarding their business' systems, processes and controls.

Alongside information released on the ICO website, the ICO has issued a document of consolidated testimonials which were gathered from the pilot testing of the Tool. One comment reads:

We would use this toolkit to develop the maturity of approach to understanding DPA considerations, improving sustainability and identifying strengths and weaknesses. By providing consistency to clients and generally professionalising the approach, we feel this improves commercial opportunities for companies which follow this process as it drives out clearly defined security scopes that are proportionate, necessary and commensurate to risk.” - Stephen Halpin from FOUR security Consultants Ltd.

To view the ICO press release on its DPA self-assessment tool, please click here.

To access the ICO DPA assessment tool, please click here.

What action could be taken to manage risks that may arise from this development?

Although aimed at SMEs, all organisations may find the Tool a useful starting point when looking at ways to measure and assess its own DPA compliance.