Page 1

GDPR Toolkit Version 5 List of Documents in the Toolkit Area 0 CERTIKIT GDPR Toolkit Guidance

Document Reference None None

Document CERTIKIT - GDPR Implementation Guide CERTIKIT GDPR Toolkit Completion Instructions

1 GDPR Preparation Project


GDPR Compliance Project Initiation Document GDPR Preparation Project Plan (Microsoft Project) GDPR Preparation Project Plan (Microsoft Excel) GDPR Documentation Log GDPR Briefing Presentation Executive Support Letter Compliance Evidence Meeting Minutes GDPR Gap Assessment Tool

2 GDPR Roles Awareness and Training

GDPR-DOC-02-1 GDPR-DOC-02-2 GDPR-DOC-02-3 GDPR-DOC-02-4 GDPR-DOC-02-5 GDPR-FORM-02-1 None None None

GDPR Roles and Responsibilities GDPR Competence Development Procedure GDPR Communication Programme Information Security Awareness Training GDPR Awareness Training Presentation GDPR Competence Development Questionnaire EXAMPLE GDPR Competence Development Questionnaire GDPR Awareness Poster (for data subjects) GDPR Awareness Poster (for employees)

3 Personal Data Analysis

GDPR-DOC-03-1 GDPR-DOC-03-2 GDPR-FORM-03-1 GDPR-FORM-03-2 GDPR-FORM-03-3 GDPR-FORM-03-4 GDPR-FORM-03-5 None None

Personal Data Analysis Procedure Legitimate Interest Assessment Procedure Records of Processing Activities Personal Data Analysis Form Personal Data Analysis Diagram Personal Data - Initial Questionnaire Legitimate Interest Assessment Form EXAMPLE Personal Data Analysis Form EXAMPLE Personal Data Analysis Diagram

4 Privacy Policy and Notices

GDPR-DOC-04-1 GDPR-DOC-04-2 GDPR-DOC-04-3 GDPR-DOC-04-4 GDPR-DOC-04-5 GDPR-FORM-04-1 GDPR-FORM-04-2 GDPR-FORM-04-3 None None None None None None None

Records Retention and Protection Policy Data Protection Policy Privacy Notice Procedure Website Privacy Policy CCTV Policy Privacy Notice Planning Form - Data Subject Consent Request Form Privacy Notice Planning Form - Other Source EXAMPLE Privacy Notice - Newsletter Signup EXAMPLE Privacy Notice - Online Purchase EXAMPLE Consent Request Form EXAMPLE Privacy Notice - Employment EXAMPLE Privacy Notice - Website Enquiry EXAMPLE Website Privacy Policy EXAMPLE Privacy Notice - CCTV

5 Rights of the Data Subject


Data Subject Request Procedure Data Subject Request Register Data Subject Request Form

6 Controllers and Processors


GDPR Controller/Processor Agreement Policy Processor GDPR Assessment Procedure Processor Security Controls GDPR Readiness Statement GDPR Letter to Processors GDPR Contract Review Tool Processor GDPR Assessment Processor Employee Confidentiality Agreement GDPR Readiness Checklist


Data Processing Agreement Sub-Processor Agreement

7 Data Protection Impact Assessment

GDPR-DOC-07-1 GDPR-DOC-07-2 GDPR-FORM-07-1 GDPR-FORM-07-2 None

Data Protection Impact Assessment Process Data Protection Impact Assessment Report Data Protection Impact Assessment Tool Data Protection Impact Assessment Questionnaire EXAMPLE Data Protection Impact Assessment

8 International Transfers


Procedure for International Transfers of Personal Data

9 Personal Data Breach Management

GDPR-DOC-09-1 GDPR-DOC-09-2 GDPR-DOC-09-3 GDPR-FORM-09-1 GDPR-FORM-09-2 None

Information Security Incident Response Procedure Personal Data Breach Notification Procedure Personal Data Breach Register Personal Data Breach Notification Form Breach Notification Letter to Data Subjects EXAMPLE Personal Data Breach Notification Form

10 Information Security Policies

GDPR-DOC-10-1 GDPR-DOC-10-2 GDPR-DOC-10-3 GDPR-DOC-10-4 GDPR-DOC-10-5 GDPR-DOC-10-6 GDPR-DOC-10-7 GDPR-DOC-10-8 GDPR-DOC-10-9 GDPR-DOC-10-10

Information Security Policy Mobile Device Policy Access Control Policy Cryptographic Policy Physical Security Policy Anti-Malware Policy Network Security Policy Electronic Messaging Policy Cloud Computing Policy Acceptable Use Policy

Profile for CertiKit Limited

DOWNLOADABLE List of Documents in the GDPR Toolkit  

DOWNLOADABLE List of Documents in the GDPR Toolkit  

Profile for public-it