What Auditors Always Find and Why
Data Protection Made Easy Podcast
Written by Caine Glancy and Catarina Santos
This session explores the most common issues uncovered during GDPR audits and why they continue to appear across organisations of all sizes. Hosted by Catarina Santos and Caine Glancy, the discussion will break down recurring audit findings, highlight the root causes behind them, and explain how to address gaps before they become regulatory risks.
What Auditors Always Find and Why
Live session with the Data Protection Made Easy community
This session looks at the most common issues uncovered during GDPR audits, and why they keep appearing.
Hosted by Catarina Santos and Caine Glancy, this live discussion will explore recurring audit themes, the root causes behind common compliance gaps, and how organisations can address issues before they become regulatory problems.
Whether you are preparing for an audit, supporting an internal review, or trying to strengthen your organisation’s data protection framework, this session will give you practical insight from the people who see these issues every day.
What This Session Will Cover
During the session, Catarina and Caine will break down the findings that appear most often during data protection audits, including why they happen and what organisations can do to put them right.
- The most common GDPR audit findings across different organisations
- Why the same data protection gaps keep appearing
- The difference between having policies and proving they work in practice
- How poor record keeping, unclear ownership and weak processes create risk
- What auditors look for during a GDPR compliance review
- How to prepare for an audit before issues become urgent
Why This Topic Matters
Audit findings are rarely surprising. In many cases, the same problems appear again and again because organisations focus on documentation without checking whether processes are embedded, understood and followed.
A good GDPR audit does more than identify weaknesses. It helps organisations understand what is working, where the gaps are, and what needs to improve next.
This session will help attendees understand how to move from reactive compliance to a more structured, evidence-based approach to data protection.
Who Should Attend?
This session is useful for anyone involved in data protection, governance, compliance or audit preparation, including:
- Data Protection Officers
- Compliance and risk teams
- Information governance professionals
- Senior leaders responsible for accountability
- IT, cyber security and operations teams
- Anyone preparing for a GDPR audit or internal review
Meet Your Hosts
Catarina Santos
Catarina is Head of Consultancy at Data Protection People and supports organisations across a wide range of sectors. She brings practical experience from real client work and understands what good compliance looks like beyond the paperwork.
Caine Glancy
Caine is the Data Protection Support Desk Manager at Data Protection People. He works closely with organisations handling day-to-day data protection challenges and brings a practical view of the issues that often lead to audit findings.
Join the Data Protection Made Easy Community
This session will be hosted live in front of the Data Protection Made Easy community, giving attendees the opportunity to hear real questions, shared experiences and practical discussion from data protection professionals across the UK.
Our community brings together more than 1,700 data protection professionals who join us regularly for live sessions, podcasts and practical discussions designed to make data protection easier to understand and easier to do.
Book Your Place
Join us live for a practical session on what auditors always find, why those issues keep appearing, and how your organisation can prepare for its next
GDPR audit with more confidence.