GDPR Compliance Checklist
Have you taken the necessary measures to comply with the GDPR (General Data Protection Regulation)? If you're not prepared, you're certainly not alone.
To accelerate your existing efforts, we’ve distilled everything you need to do to achieve and maintain GDPR compliance into this simple nine-step checklist.
- Obtain board-level support and establish accountability
- Scope and plan your GDPR compliance project
- Conduct a data inventory and data flow audit
- Undertake a comprehensive risk assessment
- Conduct a detailed gap analysis
- Develop operational policies, procedures and processes
- Secure personal data through procedural and technical measures
- Ensure teams are trained and competent
- Monitor and audit compliance
GDPR compliance requires board-level support. It’s therefore essential that the board understands the implications of the Regulation – both positive and negative – so that it can allocate the resources needed to achieve and maintain compliance.
What you need to do:
- Advise the board about data protection risks and the benefits of GDPR compliance.
- Obtain management support for your GDPR compliance project.
- Assign accountability for GDPR compliance to a director.