Adoption of Internal Policies for GDPR Compliance, v1.0
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 24(2).
Assessment Step
|
1
Adoption of Internal Policies for GDPR Compliance (AdoptionofInternalPoliciesforGDPRCompliance)
Where proportionate in relation to its processing activities, does the entity implement appropriate data protection policies?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
|
Adoption of Internal Policies for GDPR Compliance
Where proportionate in relation to processing activities, the data controller must implement appropriate data protection policies.
Citation
GDPR
Art. 24(2), Recital 74
|