Services

Data Protection Auditor Services

The Zambian Data Protection Act of 2021 requires that annual audits on the compliance of data controllers and processors are conducted by Data Protection Auditors registered with the Data Protection Commission (DPC)

Silham Consulting and Training Services is a registered Data Protection Auditor firm with the DPC and provides Data Protection Audits as provided for in the Act. Silham follows industry best practices in its Data Protection Audit assignments, from the time of engagement with the customer, right up to the time of issuing the Final Audit Report.

The following are the activities performed by Silham during audits in line with the provisions of the Act:

• Assess the organisation’s data protection policies, processes and procedures;
• Review personal data handling practices;
• Examine IT systems and infrastructure of the organisation;
• Interview staff members who handle or face personal data;
• Carry out an assessment of the organisation’s security measures, such as firewalls, encryption, and access controls, to ensure they are adequate;
• Provide a report on the results of the audit, providing further information on areas where the controller or processor needs to improve its data protection practices and make recommendations for remediation.
• Submit or facilitate the submission of the Final Audit Report to the regulator in line with the relevant provisions of the Data Protection Act.