Under the General Data Protection Regulation (GDPR), organisations must take various (security) precautions. A security audit can provide clarity as to whether your website and current working method fully meets privacy legislation standards.
We can support this by conducting a technical audit in the form of a pentest. To check the legal aspects, our partner ICTRecht conducts a privacy audit.
Comply with GDPR
Our Security Audit determines which security measures are relevant to your organisation and to what extent they have been implemented correctly. The pentest verifies the technical side. The privacy audit of ICTRecht will determine whether the measures are legally sufficient.
To gain insight into the risks in the field of IT security, we perform automated web application and network scans on your web application. We also do an extensive manual check for design, configuration and programming errors. We look for vulnerabilities that hackers are known to be able to exploit with the aim of gaining unauthorised access. Afterwards, you will receive an extensive report with our findings and recommendations.
With the privacy audit of ICTRecht it becomes clear whether the web application is legally GDPR-proof. First, privacy lawyers map out the current state of affairs with regard to privacy (GDPR). With a clear overview of the privacy risks, we look into the next steps together on to remove these risks. When all improvement have been successfully implemented, a Privacy Verified certificate will be issued to prove GDPR compliance.
Our work method
Before a pentest and privacy audit are carried out, an assessment meeting takes place discussing the relevant web application.
Depending on the size and complexity of your web application, we need about 5 days for a complete execution of the pentest.
After an extensive assessment by the experts of ICTRecht, the status of the entire process is tracked in your own dashboard.
- Assessment meeting
- Automated web application and network scans
- Extensive manual test
- Execution remote, on site if necessary
- Interim rescan(s) after fixing found vulnerabilities
- Report with findings and recommendations
- Assessment meeting
- Continuous insight into next steps
- Clear and practical suggestions for improvement
- No legal jargon
- Privacy Verified certificate and logo
- Privacy Verified certificate is valid for one year
Curious about our services?
Would you like more information about any of our services? Fill out your details and we will contact you within 24 hours on business days.