The compliance officer is the person(s) within the organization who, on behalf of management, monitors and seeks to determine whether the organization complies with the requirements imposed on the organization, both external requirements and internal requirements.
The compliance officer can create and edit requirement sources and describe how the organization works to comply with the requirements. The compliance manager can also use the tool to carry out compliance checks, either as a pure compliance check or as an internal audit activity. The completed compliance check is compiled into a report which can be generated and distributed to those concerned.
Based on the organization’s process mapping and inventory of information types as well as systems and services in which the information is handled, the organization’s personal data processing can be presented in a personal data processing register (Article 30 register based on the Data Protection Regulation / GDPR). Similarly, based on the inventory of information, the organization can generate a document management plan that forms a basis for setting requirements for the systems and services that will handle the information and provides a direction for what information needs to be preserved and deleted.
