Privacy Management

Guidance to help you build, assess, and maintain an effective privacy management programme — from policies and data mapping to risk assessments and incident response. (in development)

Privacy Impact Assessments:

• Privacy Impact Assessment Toolkit (OPC NZ)
• Privacy Impact Assessments (OAIC)
• ISO/IEC 29134

Data Protection Impact Assessments

• Guidance on Data Protection Impact Assessment (Art29 WP, endorsed by EDPB)
• ICO Guidance on DPIA (UK)
• CNIL PIA resources (FR, in English)
• PDCP Guidance (Singapore)
• Guidance from Data Protection Commission (IE)
• Templates from Loughborough University

Risk Management Frameworks:

• NIST
• ISO/IEC 27701:2019 (PIMS)
• MS Data Protection Mapping Project (old)

Privacy Management Programmes:

• Poupou Matatapu (OPC NZ)
• Privacy Management Program (Canadian OPC)
• Privacy Management Framework (OAIC)
• Guide to develop a Data Protection Management Programme (PDPC)