top of page

AUDITS

MAK Data Company audits the company to which it provides consultancy during the consultancy contract process, with different types of audits, for its compliance with the obligations under the KVKK Law No. 6698, GDPR and other secondary legislation. Likewise, within the scope of audits, it is ensured that compliance with the law and developing case law is at the highest level by working with the authorities of the company through planned and sudden audits within the company.

Planned

Raid

Scheduled Inspections

  • MAK Veri ensures that the process proceeds in the most efficient way with different control mechanisms that it carries out meticulously within the scope of compliance activities and which should be included in the compliance culture of the enterprise.

  • Audits are carried out quarterly or semi-annually, in addition to the annual internal audit.

  • During the audits, any electronic or physical environment in which personal data is processed in the audited unit is examined and its compliance with the law or the relevant legislation is carefully audited.

  • Analysis is made in terms of the reports made simultaneously during the audit and the developments shown during the consultancy period.

  • Prior to the planned audit, periodic KVKK reports are requested from each department/unit manager, thus maximizing the efficiency of the audit.

  • While preparing the audit plan, the data obtained from the previous audit activities are used.

Raid Controls

  • Raid Inspections are carried out without planning, keeping the inspection date confidential. With the related method, it not only prevents the business from being caught unprepared in case of a possible investigation by the Personal Data Protection Authority, but also prevents personal data breaches.

  • In the procedure to be established in terms of Dominant Audits, the efficiency of the audit is increased by envisaging sanctions against the department/unit manager. At the same time, these sanctions have important effects on the functioning of the data protection mechanism in accordance with the Law and the relevant legislation.

  • Data protection mechanisms are audited with different methods in each raid audit.

  • In order to ensure the functionality of the audits, the reporting of this audit is made at the audit site during the audit and its analysis is provided with the reports of the previous period.

  • MAK Veri increases the success of enterprises in compliance processes in the context of both technical and administrative measures with the completion of the said audit processes, updating the risk report and determining the proportional risk rating.

bottom of page