GDPR TOOLKIT Version 4 List of Documents in the Toolkit Area 0 CERTIKIT GDPR Toolkit Guidance
1 GDPR Preparation Project
Document Reference None
Document CERTIKIT - GDPR Implementation Guide
None
CERTIKIT GDPR Toolkit Completion Instructions
GDPR-DOC-01-1
GDPR-DOC-01-4 GDPR-DOC-01-5 GDPR-DOC-01-6 GDPR-FORM-01-1 GDPR-FORM-01-2 GDPR-FORM-01-3
GDPR Compliance Project Initiation Document GDPR Preparation Project Plan (Microsoft Project) GDPR Preparation Project Plan (Microsoft Excel) GDPR Documentation Log GDPR Briefing Presentation Executive Support Letter GDPR Compliance Evidence Meeting Minutes GDPR Gap Assessment Tool
GDPR-DOC-02-1
GDPR Roles and Responsibilities
GDPR-DOC-02-2 GDPR-DOC-02-3 GDPR-DOC-02-4 GDPR-DOC-02-5 GDPR-FORM-02-1
GDPR Competence Development Procedure GDPR Communication Programme Information Security Awareness Training GDPR Awareness Training Presentation GDPR Competence Development Questionnaire
None
EXAMPLE GDPR Competence Development Questionnaire
GDPR-DOC-03-1 GDPR-DOC-03-2 GDPR-FORM-03-1 GDPR-FORM-03-2 GDPR-FORM-03-3 GDPR-FORM-03-4 GDPR-FORM-03-5 None None
Personal Data Analysis Procedure Legitimate Interest Assessment Procedure Records of Processing Activities Legitimate Interest Assessment Form Personal Data Analysis Form Personal Data Analysis Diagram Personal Data - Initial Questionnaire EXAMPLE Personal Data Analysis Form EXAMPLE Personal Data Analysis Diagram
GDPR-DOC-01-2 GDPR-DOC-01-3
2 GDPR Roles Awareness and Training
3 Personal Data Analysis
1
Area
Document Reference
Document
4 Privacy Policy and Notices
GDPR-DOC-04-1
Records Retention and Protection Policy
GDPR-DOC-04-2 GDPR-DOC-04-3 GDPR-DOC-04-4 GDPR-FORM-04-1 GDPR-FORM-04-2 GDPR-FORM-04-3
None None None None None
Data Protection Policy Privacy Notice Procedure Privacy Policy Privacy Notice Planning Form - Data Subject Consent Request Form Privacy Notice Planning Form - Other Source EXAMPLE Privacy Notice - Newsletter Signup EXAMPLE Privacy Notice - Online Purchase EXAMPLE Consent Request Form EXAMPLE Privacy Notice - Employment EXAMPLE Privacy Notice - Website Enquiry EXAMPLE Website Privacy Policy
5 Rights of the Data Subject
GDPR-DOC-05-1 GDPR-DOC-05-2 GDPR-FORM-05-1
Data Subject Request Procedure Data Subject Request Register Data Subject Request Form
6 Controllers and Processors
GDPR-DOC-06-1
GDPR Controller/Processor Agreement Policy Processor GDPR Assessment Procedure Processor Security Controls GDPR Readiness Statement GDPR Letter to Processors
None
GDPR-DOC-06-2 GDPR-DOC-06-3 GDPR-DOC-06-4 GDPR-DOC-06-5 GDPR-FORM-06-1 GDPR-FORM-06-2 GDPR-FORM-06-3
7 Data Protection Impact Assessment
8 International Transfers
GDPR-FORM-06-4 GDPR-FORM-06-5
GDPR Contract Review Tool Processor GDPR Assessment Processor Employee Confidentiality Agreement GDPR Readiness Checklist Data Processing Agreement
GDPR-DOC-07-1
Data Protection Impact Assessment Process
GDPR-DOC-07-2 GDPR-FORM-07-1 GDPR-FORM-07-2
Data Protection Impact Assessment Report Data Protection Impact Assessment Tool Data Protection Impact Assessment Questionnaire
GDPR-DOC-08-1
Procedure for International Transfers of Personal Data
2
Area 9 Personal Data Breach Management
Document Reference GDPR-DOC-09-1 GDPR-DOC-09-2 GDPR-DOC-09-3 GDPR-FORM-09-1 GDPR-FORM-09-2 None
10 Information Security Policies
Document Information Security Incident Response Procedure Personal Data Breach Notification Procedure Personal Data Breach Register Personal Data Breach Notification Form Breach Notification Letter to Data Subjects EXAMPLE Personal Data Breach Notification Form
GDPR-DOC-10-1
Information Security Policy
GDPR-DOC-10-2 GDPR-DOC-10-3 GDPR-DOC-10-4 GDPR-DOC-10-5 GDPR-DOC-10-6 GDPR-DOC-10-7 GDPR-DOC-10-8 GDPR-DOC-10-9 GDPR-DOC-10-10
Mobile Device Policy Access Control Policy Cryptographic Policy Physical Security Policy Anti-Malware Policy Network Security Policy Electronic Messaging Policy Cloud Computing Policy Acceptable Use Policy
3