It may be inefficient to assign the work on the GDPR to employees of the company or a corporate lawyer.
There are 3 reasons for this:
- Employees often do not have special education in the field of personal data protection.
- Employees are not motivated to conduct a GDPR audit because they do not see the whole picture and do not know how to proceed.
- Employees do not have time because work responsibilities remain, and the GDPR compliance is postponed.
The audit will be of poor quality and you will simply waste time and resources to conduct it.