Audits at service providers and suppliers Transparent – Structured – Legally Compliant We conduct audits of your data processors on your behalf and relieve you of the legally required contract controls. The GDPR requires companies to ensure an adequate level of data protection and the protection of personal data. This also applies when companies engage external service providers to perform certain tasks on their behalf. Therefore, companies may only work with external service providers who can demonstrate that they implement appropriate TOMs (Technical and Organizational Measures) and that the processing of personal data thus meets the requirements of the GDPR. This compliance with the assured TOMs must be verified by the client. The scope of the verification depends on the service commissioned. The control of the service providers is carried out through audits, which, depending on the level of protection required, may involve various measures such as self-assessments or on-site audits. Trigonum supports you in planning and conducting audits with your data processors. The GDPR requires companies to ensure an adequate level of data protection and the protection of personal data. This also applies when companies engage external service providers to perform certain tasks on their behalf. Therefore, companies may only work with external service providers who can demonstrate that they implement appropriate TOMs (Technical and Organizational Measures) and that the processing of personal data thus meets the requirements of the GDPR. This compliance with the assured TOMs must be verified by the client. The scope of the verification depends on the service commissioned. The control of the service providers is carried out through audits, which, depending on the level of protection required, may involve various measures such as self-assessments or on-site audits. Trigonum supports you in planning and conducting audits with your data processors. What We Offer Comprehensive Expertise Our experienced and highly qualified data protection and information security team possesses interdisciplinary competencies in the areas of data protection, information security, law, and IT. The team, consisting of legal experts, IT professionals, economists, certified data protection officers, ISO 20000 auditors, IT security officers, as well as ISO 27001 auditors and ISO 27001 lead auditors, supports you in complying with legal requirements as an external data protection officer. Through continuous training and education and ongoing knowledge exchange in the fields of data protection and IT and information security, our consultants maintain a high level of expertise and stay up-to-date. Years of Experience Our consultants have extensive practical, leadership, and project experience in the fields of data protection, information security, organizational development, and business processes across various corporate areas and industries in SMEs and large corporations. Within our team, we combine decades of knowledge and experience in implementing data protection requirements, as well as in the establishment, operation, and further development of data protection management systems. The wide range of our proven methods, procedures, and solutions enables a holistic approach to addressing challenges and helps to avoid mistakes. Increased Security Through Certified Consultants For your security and compliance, our consultants have earned a wide variety of certifications from organizations such as TÜV Rheinland, TÜV Nord, DEKRA, the Data Protection Certification Company mbH (DSZ), and the Federal Office for Information Security (BSI). They are available to you as certified data protection officers, data protection auditors (DSZ), ISO 27001 lead auditors, ISO 27001 audit team leaders of the BSI, IT baseline protection auditors (BSI), ISO 20000 auditors, and IT security officers to enhance security in your company. Participation in Committees Our data protection consultants are involved in various committees, including serving as spokespersons for the Northern Regional Group in the Professional Association of Data Protection Officers of Germany (BvD) e.V. and as members of the Society for Data Protection and Data Security e.V. (GDD). Additionally, Trigonum contributes to the development of project management methods and standards in international committees of the Project Management Institute. Personal Consultation at Eye Level Together with you, we develop practical, tailored solutions for your company through open and personal exchanges on an equal footing. Our goal is to consider your wishes, ideas, and requirements in the individual solutions. Location Hamburg - Active Nationwide Trigonum GmbH – based in Hamburg, active nationwide and internationally. Depending on your needs and preferences, we advise our clients both on-site and remotely. Professional Checklists and Transparent Results Report with Concrete Recommendations for Action As a result of your data protection status assessment, you will receive a clear and comprehensive report on the state of data protection in your company. This report provides transparency and forms the basis for further steps towards building a professional data protection management system. The results report summarizes the findings from the audits and visualizes them, organized by data protection processes. Trigonum uses a so-called traffic light reporting system, which highlights the processes that still require action and those that are already well implemented. Along with the results report, Trigonum provides you with individual recommendations for implementing data protection in your company, as well as measures and suggestions for building a Data Protection Management System (DPMS). Upon request, we can also support you in implementing the recommendations and measures. Our Services Conducting independent audits of your data processors to verify the implementation of appropriate TOMs. Supporting compliance with legal requirements for data processing (GDPR) and fulfilling control obligations. Reviewing data processing agreements according to GDPR requirements. Defining data protection and information security requirements for data processing. Audits of Service Providers and Suppliers – What Benefits? Fulfillment of control obligations as a client and compliance with GDPR requirements Ensuring GDPR-compliant data processing Avoiding fines and penalties for GDPR violations Transparency regarding the TOMs of data processors Ensuring an adequate level of security with service providers Audits of Service Providers and Suppliers – What Benefits? Fulfillment of control obligations as a client and compliance with GDPR requirements Ensuring GDPR-compliant data processing Avoiding fines and penalties for GDPR violations Transparency regarding the TOMs of data processors Ensuring an adequate level of security with service providers More on Data Protection Data Protection - Our Holistic Security Approach We are convinced that data protection should not be viewed in isolation. Therefore, we focus on integrating IT security, information security, and data protection. Through a holistic approach to the requirements, combined with our years of experience and a proven practical methodology, we ensure that data protection is not just a formal obligation but also creates sustainable added value. Status Assessment and Audits Only those who know where they stand and how they are progressing can navigate purposefully and find the right strategy for tailored data protection. We conduct a professional status assessment in your company. By combining comprehensive checklists that consider the requirements of various recognized standards (GDPR, ISO 27701, ISO 27001, ISO 20000, TISAX, etc.), years of practical experience, and an innovative methodology, we work together with you to determine your position and find the right path to your data protection management system. If you need an audit service provider, get in touch with us! Der direkte Draht zu Trigonum: +49 40 3199 1618 0 Trigonum GmbH Notkestrasse 9 22607 Hamburg Your Name* Bitte lasse dieses Feld leer. Your E-Mail-Adresse* Bitte lasse dieses Feld leer. Subject* Your message (optional) We need the data marked with an asterisk in order to process your enquiry. We process the data you enter in the contact form in accordance with our Privacy policy.