The Police Data Act (Wpg) imposes stringent requirements on organizations performing police tasks. Not only police units fall under this legal framework, but also municipalities, public transport companies and other entities with special investigating officers (boas), including enforcement officers, compulsory education officers and inspectors.
All of these parties are subject to an explicit audit requirement. ARC People specializes in conducting high-quality Wpg audits and assists organizations in demonstrating compliance with their legal obligations.
Insight, accountability and improvement with a Wpg audit
The audit obligation under the Wpg aims not merely at formal compliance, but at ensuring privacy protection in the daily execution of police tasks. This translates into two concrete obligations:
- A four-year external audit, to be conducted by an independent, certified IT auditor (RE).
- An annual internal audit to review the design, operation and effectiveness of measures and procedures.
These audits are fundamental to the structural management of risks in the processing of police data. Identified shortcomings must be addressed through targeted improvement plans. The review thus goes beyond compliance alone and touches directly on the managerial responsibility of the controller.
Consistency with broader privacy regulations
Although the Wpg is an independent legal framework, there are clear parallels at the substantive level with the General Data Protection Regulation(AVG). ARC People monitors these interfaces and ensures an integrated approach. This prevents audit findings from remaining isolated and creates consistency with broader privacy governance within the organization.
Proportionality and risk approach
Our approach is risk-driven. We carefully tailor the scope of our review to the nature and scope of the police function within the organization. That proportionality is essential to keeping the audit relevant and actionable while being effective in identifying structural vulnerabilities.
Succession and monitoring support
With us, an audit does not have to end with the report. If required, we will assist in formulating improvement plans and provide substantive support in discussions with supervisors or internal management.
Monitoring and annual review
To comply with internal audit requirements, ARC People provides support in establishing and implementing a robust review cycle. Annual monitoring provides an up-to-date picture of d
he compliance status and enables timely anticipation of new risks or changing legislation.
ARC People as a substantive sparring partner
Our auditors combine in-depth knowledge of privacy laws and information security with practical experience in a variety of organizations. They are NOREA-registered Registered EDP auditors and have a keen eye for both the letter and spirit of the law.
When conducting a Wpg audit, we take a structured approach, taking the technical and organizational control measures in their full context
reviewed. In doing so, we carefully coordinate with key officials such as the data protection officer (FG), the head of IS or compliance. The outcome is not just a review report, but a tool for further strengthening your privacy and IT policies.
What you can expect from an audit by ARC People
If you choose ARC People, you choose a partner who:
- Audits according to applicable Wpg regulations and underlying policy frameworks.
- Delves into your specific operating environment and the maturity of control.
- Translates findings into applicable and supported improvement measures.
- Supports the preparation of the TPM statement towards the Personal Data Authority.
- Does not deliver standard reports, but audit products that are administratively tenable and generate internal support.
Flexible support with high content standards
Our services are flexible: from fully outsourced audit projects(outsourcing), to substantive strengthening of your own audit function(co-sourcing), or temporary deployment of a qualified auditor(interim). In all cases, we guarantee high professional quality, tailored to your needs and organizational context.
Discover the latest insights
Do you not yet have visibility into the requirements of the Wpg? Do you not yet know where your organization stands, or have you not yet gotten around to performing the mandatory external audit? Don't worry, we have summarized the most important information for you in a white paper and will be happy to help you further.
More information on this topic
Are you interested in learning more about this topic? If so, please contact me or one of my colleagues. We are ready to answer your questions and help you further.
Our expert team, with years of experience, is ready to support you and offer personalized advice tailored to your specific situation. We strive to respond to your inquiries as quickly as possible so that you are always helped quickly.
