Audits en advies om te voldoen aan de AVG

The Privacy Act (GDPR) requires organizations to take technical and organizational measures to ensure customer privacy. These measures stem from rules for "rights for data subject" on the one hand and "obligations for controller and processor" on the other.

We support organizations with the implementation of the GDPR and provide an understandable approach specific to the organization. We can also objectively examine whether your current policy meets GDPR requirements and to what extent the policy has been controllably implemented.

AVG / GDPR Compliant worden

Implementation of the GDPR is an organization-specific process. A focused approach is therefore essential. You can do this by mapping the current situation of your organization regarding the GDPR by means of GDPR AVG Compliance Scan.

With the 2-Control GDPR Compliance Scan you gain insight into your level of compliance with the AVG. Based on concrete findings and recommendations you can use the scan as a starting point for (the improvement of) the implementation of AVG within your organization.

To perform the GDPR compliance scan we use the NOREA Privacy Control Framework (PCF) manual.

Request an GDPR compliance scan here

Privacy Control Framework

The Dutch professional association for IT auditors, NOREA, has developed a Privacy Control Framework (PCF) that can be used for an objective assessment of how organizations handle personal data.

The PCF is a translation of the GDPR (European privacy legislation) into a concrete verifiable framework of standards. With this standards framework, our experienced IT auditors can test your organization's compliance level with the AVG. Based on the organization's objectives and the processing register, necessary control measures are systematically evaluated.

As IT auditors (RE), we can support you in this process and may provide an opinion in the form of an assurance statement. The PCF contains the prescribed objectives and elements for privacy engagements based on NOREA Assurance Guideline 3000. Click here to view the entire NOREA handbook.

GDPR ook voor u?

Unlike privacy laws in some other jurisdictions, the AVG applies to organizations of all sizes and all industries. In other words, there's a very good chance you'll have to comply with it, too. This European privacy law is there for all:

  • companies and organizations that process personal data in the course of the activities of one of his or her EU-based branches, regardless of where the data is processed.
  • companies and organizations based outside the EU offering goods/services (paid or free) or monitoring the behavior of individuals in the EU.


+31 (0) 76-5019470

Please contact us

Do you have any questions or comments about our IT audit services? We are happy to hear from you. Please enter your details in the form below and we will get back to you as soon as possible. You can also contact us directly at the phone number on the left.

Our dedicated team is ready to assist you with any questions or concerns. We strive to provide you with the best service possible.

Fill in our contact form