GDPR
Controller & Processor Obligations
19 controls in this category. Click any control to see implementation guidance, evidence requirements, and common audit failures.
Art.24 critical
Responsibility of the Controller
Controller & Processor Obligations
Art.25 high
Data Protection by Design and by Default
Controller & Processor Obligations
Art.26 high
Joint Controllers
Controller & Processor Obligations
Art.27 medium
Representatives of Controllers or Processors Not Established in the Union
Controller & Processor Obligations
Art.29 high
Processing Under the Authority of the Controller or Processor
Controller & Processor Obligations
Art.28 critical
Processor
Controller & Processor Obligations
Art.30 high
Records of Processing Activities
Controller & Processor Obligations
Art.31 high
Cooperation with the Supervisory Authority
Controller & Processor Obligations
Art.32 critical
Security of Processing
Controller & Processor Obligations
Art.33 critical
Notification of a Personal Data Breach to the Supervisory Authority
Controller & Processor Obligations
Art.35 critical
Data Protection Impact Assessment
Controller & Processor Obligations
Art.36 high
Prior Consultation
Controller & Processor Obligations
Art.37 high
Designation of the Data Protection Officer
Controller & Processor Obligations
Art.38 high
Position of the Data Protection Officer
Controller & Processor Obligations
Art.39 high
Tasks of the Data Protection Officer
Controller & Processor Obligations
Art.40 low
Codes of Conduct
Controller & Processor Obligations
Art.41 low
Monitoring of Approved Codes of Conduct
Controller & Processor Obligations
Art.42 low
Certification
Controller & Processor Obligations
Art.43 low
Certification Bodies
Controller & Processor Obligations
Assess GDPR Controller & Processor Obligations
Track every control, collect evidence, and generate audit-ready reports with AuditFront.
Start Free Assessment