CPDStore Ireland

The key objective of this session is to provide an update for attendees on the recent case law involving GDPR and in particular the recovery of damages against Data Controllers.

Auditors employ a risk-based approach using both substantive and analytical procedures to obtain insight into how their clients operate.   By the end of the module, attendees will be able to know what evidence ought to be present in how a charity’s data is governed.  They will be able to offer key professional advice in relation to managing a key risk for the organization.

Mark D Finan will cover the following topics during this session:

• GDPR – Over five years in existence.  We will look the main obligations on data controllers and how to validly process data.
• A charity’s legal obligations pursuant to the Data Protection Act 2018 and the GDPR.  An accountant may also have some insight to give in relation to the Director’s Report to ensure that it is consistent with the data management of the organisation.
• Audit procedures – what should be examined when conducting an audit on internal data management systems?  Attendees will learn how to inspect procedures to verify compliance with legal obligations and how to test compliance especially under the transparency heading.
• Recent case law involving GDPR and section 117 claims.   
• How clients can future proof themselves and what to expect.  Understanding policies and data governance:
• Verifying the accuracy and completeness of disclosure.
• Any mitigating factors.  
• Post disclosure events.
• Litigation and claims.

Attendees will be able to confidently review policies and procedures that may not have been reviewed since the introduction of GDPR.  Outdated policies and procedures can cost money and a failure to comply with compliance can have a huge impact on the ability of a charity to acquire and maintain good funding.  Donors need to have their information stored and processed securely.   The absence of updated policies can also lead to a lack of monitoring and inefficiencies in internal controls.   Attendees will be able to identify any inconsistencies between the Directors’ Report and the state of the Charity’s affairs.

This session is targeted to any accountant/auditor who provides services to the charity sector. The ever increasing compliance environment within which charities operate means that any one charity may need to draw on the knowledge base of their accountant/auditor.  Having a broad knowledge of the law as it applies in relation to GDPR will enable participants to provide those services.

Current litigation will be discussed and examples from the Section 66 Inspectors’ Report into North Inner City Homeless CLG will be discussed.  

Course Level: Intermediate.