Services

Privacy Data Protection Act (PDPA)

The service will study the company's operations and review documents related to personal data protection to analyze facts and assess current operations, operational risks and make appropriate recommendations for each organization to make amendments under the requirements of the Act.

1. Review policies under the Privacy Data Protection Act.

2. Review the Privacy Data Protection Act compliance and current usage.

3. Review the Personal Data Correction Form and a letter of consent to the use of personal data under the Privacy Data Protection Act.

4. Verify storage, destruction, and management of data security under the Privacy Data Protection Act.

5. Verify the risk of data under the Privacy Data Protection Act.

6. Review the evidence related to the training on how to operate under the Privacy Data Protection Act.

7. Verify access control of information technology systems according to the Privacy Data Protection Act.

 

Details of Service

1. Auditing and reviewing documentary evidence from operations, analyzing, assessing under the framework of COSO, and giving opinions/recommendations.

2. Consultancy on internal control, risks, and governance processes.

3. Follow-up on the implementation of recommendations from the internal control system assessment.

 

Service Rates

** Depending on the size of the organization

 

Deliverables

Consultancy on the business operation to achieve corporate goals and report.

 

This service is suitable for

Advantage

What the clients need to prepare

1. Companies that want to prepare for compliance with the Privacy Data Protection Act B.E. 2562.

1. Recognizing how to properly control, collect, use, and disclose personal information.

1. Prepare information related to controls for compliance with the Privacy Data Protection Act B.E. 2562 for use in interviews and audits.

 

Related services

1. Internal Audit

2. Enterprise Risk Management (ERM)

 

Please contact

Ms. Kantima Humakorn 02-596-0500 ext. 327

 

1

PLANNING

• Business study associated with data collection and analysis.

• Discussions with Stakeholders and CAEs

2

EXCUTE

• Perform auditing and consulting in the scope of

Risk, Control, and Governance.

3

DELIVER

• Delivering Internal Audit Excellence as Stakeholders Expect