Data Protection Compliance for Academy Trusts - Audit Readiness Pack

Embedding the Accountability Principle in the Trust’s Governance and Practices

A recent spate of academy trust consensual audits has indicated that the ICO expects a very high standard of good practice. This is strongly linked to a new GDPR Data Protection Principle called the ‘Accountability Principle’.

Academy Trusts should make sure they are prepared; our Information Law team, has produced an ‘Audit Readiness Pack’ for Academy trusts. This is practical guidance about how to embed the accountability principle in the Trust’s governance and operational practices to help get you ready for an ICO data protection audit.

Pack Contents

Guidance on:

  • Governance (as far as it relates to data protection)
  • Oversight of the DPO role and data protection compliance
  • Other operational matters relating to data protection


  • Model terms of reference for a data protection compliance committee (or other committee carrying out that function)
  • Measures and key performance indicators for data protection compliance
  • Suggested data protection risks for the risk register
  • Detailed guidance on data protection related financial penalties

Stone King HR Retainer and Legal Retainer clients £275 + VAT

All other Academy Trusts £350 + VAT

For more information please contact our Education GDPR Team below.

The law and practice referred to in this article or webinar has been paraphrased or summarised. It might not be up-to-date with changes in the law and we do not guarantee the accuracy of any information provided at the time of reading. It should not be construed or relied upon as legal advice in relation to a specific set of circumstances.

The Legal 500 - The Clients Guide to Law Firms

UK Chambers logo

Best Companies - One to watch logo

Cyber Essentials Certification Logo