Dpa vendor audit
Quarterly DPA audit across every processor vendor — flag missing, stale, and mismatched data-processing agreements.
Eluu — dpa-vendor-audit
Shown in preview 
Runtime ~6 min per run
Tokens ~20K per run
Owner a privacy / GC colleague
Works with
Pick whichever tool your team already uses.
- Messaging Slack
Teams - Spreadsheet Google Sheets
Excel - Docs Notion
Google Docs 
Confluence
What it does
DPAs are easy to forget once signed — until a breach or a regulator’s letter forces a frantic audit. This recipe runs quarterly across every processor vendor, flags missing / stale / mismatched DPAs, and writes an audit report with a prioritized action plan for the GC and DPO.
How it works
- Pull vendors. The vendor catalog is pulled; processor vendors are filtered with their data categories and current DPA status.
- Audit. Vendors with no DPA, DPAs over 24 months old, and DPAs missing data category coverage all get flagged. Each gap gets a risk score.
- Report. Audit summary, per-vendor gap detail with risk + action, and a 6-step action plan are written. GC + DPO get DM’d.
Setup
- Connect a spreadsheet destination (Google Sheets or Excel) for the vendor catalog.
- Connect a docs destination (Notion, Google Docs, or Confluence).
- Connect a messaging channel (Slack or Teams).
Variations
- Add a sub-processor audit that traces sub-processor disclosures.
- Run an automated re-execution workflow for stale DPAs.
- Generate vendor-specific data flow diagrams for tier-1 processors.
