Processor Privacy (GDPR) Audit


GDPR compliance doesn’t only depend on how personal data is processed within your company, but also at your processor’s. The right to audit in GDPR is a useful tool to ensure your processor’s compliance. This solution will deliver a useful report of the processor’s current condition. It will give you hands-on advice and tools to improve your collaboration.



Within GDPR it is your responsibility as a controller to ensure that sufficient security measures are taken to protect personal data against abuse or breaches. To meet this obligation, you have the right to audit the processors acting on your behalf. How do you do this when you don’t have any experience within this field?

Why a processor audit by Cranium?

CRANIUM Business Essentials offers a structured approach to check the processor’s compliance with all obligations towards the GDPR and towards you as a controller. We will audit the processor regarding technological, organizational and procedural measures and compliance in general.

What is the outcome of the audit?

The audit report gives you insight on the risks at this specific processor and it will hand you the tools to act accordingly. We will also provide you a range of options to lower existing risks to an acceptable level. This gives you, as the controller, the opportunity to decide which tasks you need to prioritize to protect the personal data.

This audit can be an initial audit or a check-up at a later time. The approach will be the same. If this is a second or third audit at the same processor, the report will be adapted to the amount of progress the processor has made compared to previous audits.


This audit is not applicable to the major players in the market. The Processor Privacy Audit is aimed at partners that support a specific Business target of your organization and are willing or obliged to cooperate.
If you want to audit a big international player we strongly advise you to send your request to for a tailor-made offering.

You may also like…