GDPR/CCPA Compliance Audit
End-to-end privacy audit covering scope, data inventory, DSAR readiness, consent records, DPA review, cross-border transfers, breach-notification readiness, gap analysis, CAPA, and DPO sign-off. Jurisdiction (EU/US/Both) drives different obligations.
For: Privacy Officer & Data Engineer & Legal Counsel teams
What this template includes
Process steps
- 1Audit scope & jurisdiction
- 2Data inventory & records of processing
- 3DSAR / consumer-rights readiness
- 4Consent records & opt-out enforcement
- 5DPA / processor agreements review (GDPR)
- 6Cross-border transfer controls
- 7Breach-notification readiness
- 8Gap analysis & overall finding
- 9Legal & Executive briefing (critical findings only)
- 10DPO sign-off & audit closure
Ready to run this process?
Open this template in Cadenio, customize the fields and approvals for your context, and run it for the first time in under 60 seconds.
Related templates
Vendor Compliance Review
Vendor compliance review template with document collection, security controls validation, and risk sign-off — 4 approval gates and a clean audit record ready before the reviewer asks.
ComplianceSOX Compliance Testing
SOX compliance testing template — control walkthroughs, evidence collection, and deficiency tracking in one structured workflow with 3 approval gates and an immutable audit trail.
ComplianceThird-Party Risk Assessment
End-to-end third-party risk assessment across operational, reputational, financial, and compliance dimensions. Aggregate risk drives executive sign-off; decision drives onboarding, conditions, deferral, or rejection.