Step 1. Choose your GDPR Assessment

The General Data Protection Regulation (GDPR) assessments include:

  • A GDPR Data Processor assessment. This assessment helps controllers and processors to understand what needs to be included in their contract and why, reflecting their responsibilities and liability.
  • A GDPR Audit checklist. The GDPR Audit Checklist provides a general framework for large and medium-sized organizations to assess their implementation of the GDPR requirements. This checklist is based on a released Data Protection Authority (DPA) GDPR Audit checklist.
  • A GDPR DPIA Assessment. A Data Protection Impact Assessment (DPIA) is a process in which potential privacy issues and risks are identified and examined from the perspective of all stakeholders, allowing the organization to anticipate and address the likely privacy impacts of new initiatives (a requirement of GDPR in certain circumstances). The impact assessment covers not only the protection of personal data but also the broader privacy of individuals, and therefore could also be referred to as a Privacy Impact Assessment (PIA).
  • A GDPR Gap Assessment. The GDPR Gap Assessment Checklist provides a general means for organizations to ensure that the right measures (both organizational and technical) are taken, and at the same time, get an idea about their effectiveness.

GDPR Data Processor Assessment

This checklist is an assessment for the processor to evaluate the contract with the controller and the implementation of the GDPR obligations.

GDPR Audit Checklist

The GDPR Audit Checklist provides a general framework for large and medium-sized organizations to assess their implementation of the GDPR requirements.

GDPR DPIA Assessment

A Data Protection Impact Assessment (DPIA) for any project that includes the use of any personal data.

GDPR Gap Assessment

A GDPR Gap Assessment Checklist to evaluate the gap between the measures taken and the GDPR compliance obligations.

These assessments draw on the Information Commissioner’s Office (ICO) “GDPR guidance: Contracts and liabilities between controllers and processors” and “Privacy Impact Assessment Code of Practice”, the GDPR Data Protection Guidance Handbook, the Gibraltar Regulatory Authority (GRA) “Guidance for SMEs: Personal Data Inventory Tool & Readiness Checklist & Policy Guide” and the Lower Saxony Data Protection Authority (DPA) GDPR Audit checklist.



Step 2. Edit / Answer / Share the Assessment


Disclaimer: the assessments are provided by Vendict “as is” for information purposes only. Any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. While we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the inserted assessment contained herein. Any reliance you place on such information is therefore strictly at your own risk.