The service will study the company's operations and review documents related to personal data protection to analyze facts and assess current operations, operational risks and make appropriate recommendations for each organization to make amendments under the requirements of the Act.
1. Review policies under the Privacy Data Protection Act.
2. Review the Privacy Data Protection Act compliance and current usage.
3. Review the Personal Data Correction Form and a letter of consent to the use of personal data under the Privacy Data Protection Act.
4. Verify storage, destruction, and management of data security under the Privacy Data Protection Act.
5. Verify the risk of data under the Privacy Data Protection Act.
6. Review the evidence related to the training on how to operate under the Privacy Data Protection Act.
7. Verify access control of information technology systems according to the Privacy Data Protection Act.
1. Auditing and reviewing documentary evidence from operations, analyzing, assessing under the framework of COSO, and giving opinions/recommendations.
2. Consultancy on internal control, risks, and governance processes.
3. Follow-up on the implementation of recommendations from the internal control system assessment.
** Depending on the size of the organization
Consultancy on the business operation to achieve corporate goals and report.
This service is suitable for
What the clients need to prepare
1. Companies that want to prepare for compliance with the Privacy Data Protection Act B.E. 2562.
1. Recognizing how to properly control, collect, use, and disclose personal information.
|1. Prepare information related to controls for compliance with the Privacy Data Protection Act B.E. 2562 for use in interviews and audits.|
1. Internal Audit
2. Enterprise Risk Management (ERM)