Ментальная карта

Data Records
1. Data Inventory
  1. Questionnaires, Interviews with process owners
  2. Analysis of docs and IT landscape
  3. Data mapping templates
  4. Data Flow Diagrams (SIPOS, Miro, etc.)
  5. List of purposes of data processing by RPPA
  6. Catalog of personal data by RPPA
  7. Categories of data subjects by RPPA
  8. Data Discovery tools
  9. Privacy Code Scanning
  10. ISO Information Asset Register Template
2. RoPA templates
  1. RoPA Templates by RPPA_RU
  2. Documentation templates by ICO
  3. RoPA templates by dataprivacymanager.net
  4. RoPA by Ireland DPC
  5. RoPA template by CNIL
Data Operations
1. Processing
  1. Legal basis
    1. Algorithm for choosing a legal basis by RPPA
    2. Consent
      1. Sample Consent Clauses
      2. Consent template for employees by RPPA
    3. Legitimate interest
      1. Lawful basis assessment report by ICO
      2. Assessment checklist fo Legitimate interst
      3. Legitimate impact assesment template by ICO
  2. Docs & Policies
    1. Dosc checklist
      1. Structure of Privacy Docs by RPPA _ RU
      2. Checklist of documents by Roskomnadzor
      3. Docs checklist by ICO
    2. Notices
      1. Privacy Notice Template by ICO
      2. Cookies Notice Template
    3. Policies
      1. Privacy Policy Generator by Б-152
      2. Privacy Policy Generator
      3. Privacy Notice Generator by ICO
    4. Agreements
      1. Data Processing Agreement by RPPA_RU
      2. Simple Data Processing Agreement
      3. Data processing agreement template
      4. Data sharing agreement template
2. Transfer
  1. Transfer Impact Asessment (TIA)
    1. EU SCC TIA Template
    2. TIA Template by IAPP
    3. TIA draft practical guide by CNIL
  2. Data Transfer Agreement by RPPA_RU
  3. EU Standard Contract Clauses (SCC)
  4. Model transfer clauses around the world
  5. International Data Transfer Agreement by ICO
  6. Binding Corporate Rules (BCR)
Data requests
1. Data Subject Requests
  1. Data subjects requests register template
  2. Data subject request template
  3. Data subject response templates
  4. Channels for DS requests
Culture & Awareness
1. RPPA Privacy trainings
2. Privacy awareness trainings & workshops
3. Staff training logs
4. Privacy aterts & newsletters
5. Posters, handouts, banners, videos
6. Privacy games
7. Stakeholders Engagement Plan
8. Privacy Champions & Advocates
9. Regular sessions with process owners (1+1)
10. Advice, informal discussions, brainstorming
11. Privacy certification support
12. Presentation of Privacy projects
13. Employee surveys
Metrics & Reports
1. Privacy metrics
  1. Privacy metrics example
  2. KPI / KDI / OKR frameworks
  3. Feedback Forms
2. Privacy Reports
  1. Template DPO Report to Management by IAPP
  2. Privacy Audit Report by ICO
  3. DPO ReportTemplate
  4. Privacy ROI Calculator
Protection
1. Measures & Safeguards
  1. Privacy by Design
    1. Privacy by design by J. Cronk
    2. Privacy by Design checklist by ICO
    3. Privacy design patterns
    4. Privacy icons
    5. Privacy labels
    6. Customer dashboard
    7. Privacy comins
    8. Dark patterns
  2. Security
    1. Security Policy templates
    2. Security Measures Checklist by CNIL
    3. On-line tool for the security by ENISA
    4. NIST Security Framework
    5. Security Checklist by ICO
  3. PETs
    1. PETs Guidance by ICO
    2. PETs Report by OECD
    3. PETs startups 2024
2. Breaches & Incidents
  1. Breach examples
  2. Incident Notice by RKN
  3. Data Breach reporting form by ICO
  4. Data Breach Register by ICO
  5. Data Breach forms by EDPS
  6. Data Breach Reporting Form by ICO
  7. ENISA Metodology of Breach assessment
  8. Data Breach Action Plan_EN
  9. Breach Investigation Report template
  10. Business continuity Plan by ICO
  11. ISO Incident Management Standard
3. Privacy Harms
  1. ENISA metodology
  2. Taxonomy of Privacy by D. J. Solove
  3. Privacy threats model by LINDDUN
  4. RKN metodology of harm assessment
Privacy risks
1. Risk management frameworks
  1. NIST Risk Management Framework
  2. ISO 31000 Risk Management standard
  3. ISO/IEC 27557:2022 Privacy Risk Management
  4. Privacy risk management by ISACA
2. Risk asessment tools
  1. Privacy risks assessment (PRA)
    1. PRA Template
    2. Example of PRA process by Unilever
    3. Risk asessment tools by NIST
  2. Data Protection Impact Asessment (DPIA)
    1. DPIA Template by ICO
    2. DPIA Template by FLN
    3. DPIA Template by VUB
  3. Privacy Impact Asessment (PIA)
    1. PIA Template by CNIL
    2. Private Sector PIA Template
    3. PIA Template by ICO
  4. Transfer Impact Asessment (TIA)
    1. EU SCC TIA Template
    2. TIA Template by IAPP
    3. TIA draft practical guide by CNIL
3. Risk visualization tools
  1. Risk Matrix Templates
  2. Risk register templates
  3. Risk dashboard templates
Projects & Process
1. Data Flow Diagrams (SIPOS, Miro, etc.)
2. Template GDPR Roadmap Gantt by DPO
3. Project management software (Jira, Asana, Monday, etc.)
4. Agile vs. waterfall PM
Privacy team
1. GDPR RACI chart
2. Gantt Pro_ team management tool
3. Template GDPR Roadmap Gantt by DPO
4. SmartSheet platform
PRIVACY PROGRAM
1. Privacy Program Frameworks
  1. ICO Accountability Framework EN
    1. ICO Accountability Framework: RU
  2. ICO Accountability Framework_RU by RPPA
  3. Checklist of Privacy Controls by Privacy Advocates_RU
  4. NIST Privacy Framework
  5. ISO 27701:2019 Privacy Information Management System (PIMS)
  6. Nimity Privacy Management Framework
  7. Privacy Maturity Model
  8. Action Plan Template
  9. Privacy Management Plan by OAIC
2. Privacy Audit
  1. Gartner’s GDPR compliance audit checklist.
  2. Privacy assessment checklists by ICO
  3. Questionnaires, Interviews with business leaders
  4. Data Privacy Surveys
  5. Methodology of GDPR applicability by RPPA
  6. Privacy Audit Report by ICO
  7. Privacy dashboards
  8. ISO 27701 (PIMS) Gap Analysis Report