GDPR Toolkit Version 6
AREA
DOC REF         DOCUMENT
0 CERTIKIT GDPR Toolkit Guidance
None            CERTIKIT Completion Instructions
None            CERTIKIT - GDPR Implementation Guide V6
None            CERTIKIT GDPR Toolkit Index
None            CERTIKIT GDPR Toolkit Version 6 Release Notes
None            CERTIKIT - Standard Licence Terms
None            EU General Data Protection Regulation 2016
1 GDPR Preparation Project
GDPR-DOC-01-1   GDPR Compliance Project Initiation Document
GDPR-DOC-01-2   GDPR Preparation Project Plan
GDPR-DOC-01-3   GDPR Preparation Project Plan
GDPR-DOC-01-4   GDPR Documentation Log
GDPR-DOC-01-5   GDPR Briefing Presentation
GDPR-DOC-01-6   Executive Support Letter
GDPR-FORM-01-1  Compliance Evidence
GDPR-FORM-01-2  Meeting Minutes
GDPR-FORM-01-3  GDPR Gap Assessment Tool
2 GDPR Roles Awareness and Training
GDPR-DOC-02-1   GDPR Roles and Responsibilities
GDPR-DOC-02-2   GDPR Competence Development Procedure
GDPR-DOC-02-3   GDPR Communication Programme
GDPR-DOC-02-4   Information Security Awareness Training
GDPR-DOC-02-5   GDPR Awareness Training Presentation
GDPR-FORM-02-1  GDPR Competence Development Questionnaire
None            EXAMPLE GDPR Competence Development Questionnaire
None            GDPR Awareness Poster (for data subjects)
None            GDPR Awareness Poster (for employees)
3 Personal Data Analysis
GDPR-DOC-03-1   Personal Data Analysis Procedure
GDPR-DOC-03-2   Legitimate Interest Assessment Procedure
GDPR-FORM-03-1  Records of Processing Activities
GDPR-FORM-03-2  Personal Data Analysis Form
GDPR-FORM-03-3  Personal Data Analysis Diagram - VISIO
GDPR-FORM-03-4  Personal Data - Initial Questionnaire
GDPR-FORM-03-5  Legitimate Interest Assessment Form
None            EXAMPLE Legitimate Interest Assessment Form
None            EXAMPLE Personal Data Analysis Diagram - VISIO
None            EXAMPLE Personal Data Analysis Form
None            EXAMPLE Personal Data - Initial Questionnaire
4 Privacy Policy and Notices
GDPR-DOC-04-1   Records Retention and Protection Policy
GDPR-DOC-04-2   Data Protection Policy
GDPR-DOC-04-3   Privacy Notice Procedure
GDPR-DOC-04-4   Website Privacy Policy
GDPR-DOC-04-5   CCTV Policy
GDPR-FORM-04-1  Privacy Notice Planning Form - Data Subject
GDPR-FORM-04-2  Consent Request Form
GDPR-FORM-04-3  Privacy Notice Planning Form - Other Source
None            EXAMPLE Privacy Notice - CCTV
None            EXAMPLE Consent Request Form
None            EXAMPLE Privacy Notice - Employment
None            EXAMPLE Privacy Notice - Newsletter Signup
None            EXAMPLE Privacy Notice - Online Purchase
None            EXAMPLE Privacy Notice Planning Form - Data Subject
None            EXAMPLE Privacy Notice Planning Form - Other Source
None            EXAMPLE Privacy Notice - Website Enquiry
None            EXAMPLE Website Privacy Policy
5 Rights of the Data Subject
GDPR-DOC-05-1   Data Subject Request Procedure
GDPR-DOC-05-2   Data Subject Request Register
GDPR-FORM-05-1  Data Subject Request Form
None            EXAMPLE Data Subject Request Form
None            VISIO - Data Subject Request Procedure
None            WORD - Data Subject Request Procedure
6 Controllers and Processors
GDPR-DOC-06-1   GDPR Controller-Processor Agreement Policy
GDPR-DOC-06-2   Processor GDPR Assessment Procedure
GDPR-DOC-06-3   Processor Security Controls
GDPR-DOC-06-4   GDPR Readiness Statement
GDPR-DOC-06-5   GDPR Letter to Processors
GDPR-FORM-06-1  GDPR Contract Review Tool
GDPR-FORM-06-2  Processor GDPR Assessment
GDPR-FORM-06-3  Processor Employee Confidentiality Agreement
GDPR-FORM-06-4  GDPR Readiness Checklist
GDPR-FORM-06-5  Data Processing Agreement
GDPR-FORM-06-6  Sub-Processor Agreement
None            EXAMPLE Processor GDPR Assessment
7 Data Protection Impact Assessment
GDPR-DOC-07-1   Data Protection Impact Assessment Process
GDPR-DOC-07-2   Data Protection Impact Assessment Report
GDPR-FORM-07-1  Data Protection Impact Assessment Tool
GDPR-FORM-07-2  Data Protection Impact Assessment Questionnaire
None            EXAMPLE Data Protection Impact Assessment
None            VISIO - Data Protection Impact Assessment Process
None            VISIO - Risk Classification Matrix
None            WORD - Data Protection Impact Assessment Process
None            WORD - Risk Classification Matrix
8 International Transfers
GDPR-DOC-08-1   Procedure for International Transfers of Personal Data
9 Personal Data Breach Management
GDPR-DOC-09-1   Information Security Incident Response Procedure
GDPR-DOC-09-2   Personal Data Breach Notification Procedure
GDPR-DOC-09-3   Personal Data Breach Register
GDPR-DOC-09-4   Incident Response Plan Data Breach
GDPR-FORM-09-1  Personal Data Breach Notification Form
GDPR-FORM-09-2  Breach Notification Letter to Data Subjects
None            EXAMPLE Breach Notification Letter to Data Subjects
None            EXAMPLE Personal Data Breach Notification Form
None            VISIO - Information Security Incident Response Flowchart
None            WORD - Information Security Incident Response Flowchart
10 Information Security Policies
GDPR-DOC-10-1   Information Security Policy
GDPR-DOC-10-2   Mobile Device Policy
GDPR-DOC-10-3   Access Control Policy
GDPR-DOC-10-4   Cryptographic Policy
GDPR-DOC-10-5   Physical Security Policy
GDPR-DOC-10-6   Anti-Malware Policy
GDPR-DOC-10-7   Network Security Policy
GDPR-DOC-10-8   Electronic Messaging Policy
GDPR-DOC-10-9   Cloud Computing Policy
GDPR-DOC-10-10  Acceptable Use Policy
GDPR-DOC-10-11  HR Security Policy
GDPR-DOC-10-12  Social Media Policy
11 European Data Protection Board Guidelines
None            EDPB Guidelines on Data Portability 5 Apr 2017
None            EDPB Guidelines on Data Protection Officers 5 Apr 2017
None            EDPB Guidelines on Lead Supervisory Authority 5 Apr 2017
None            EDPB Guidelines on DPIA 4 Oct 2017
None            EDPB Guidelines on Breach Notification 6 Feb 2018
None            EDPB Guidelines on Profiling 6 Feb 2018
None            EDPB Guidelines on Consent 10 Apr 2018
None            EDPB Guidelines on Transparency 11 Apr 2018
None            EDPB Guidelines on Online Services 8 Oct 2019
None            EDPB Guidelines on Territorial Scope 12 Nov 2019