PECB GDPR Self-Assessment



This online assessment will help your organization acknowledge, understand, and improve its level of compliance with GDPR. A set of questions has been developed to identify the strengths and weaknesses of your organization's compliance with GDPR.

This online assessment tool is a quick review, available at no cost, for evaluating your organization's readiness for GDPR. The questionnaire consists of 16 comprehensive closed-ended questions. After you answer the questionnaire, a calculated score will be provided so that you can understand your organization's level of compliance with GDPR.

Note: This online review serves only as guidance based on the responses provided; it does not necessarily imply full compliance with GDPR. For further information about the PECB GDPR Assessment process and requirements, please contact us at ms@pecb.com.

1. Is your organization aware of the new General Data Protection Regulation?
2. Has your organization established a lawful ground for the processing of personal data?
3. Are data subjects informed about the reasons for collecting their personal data?
4. Does your organization have a procedure in place for the archiving and destruction of data?
5. Does your organization have a policy or procedure for controlling access requests?
6. Are data subjects allowed to access their personal records at any time?
7. Are data subjects informed about their right to demand erasure or rectification of their personal information?
8. Is your organization familiar with the principle of privacy by design and privacy by default?
9. Does your organization have an incident response procedure to handle a data breach and report it within 72 hours of becoming aware of it?
10. Does your organization have pseudonymisation and anonymisation tools in place as security measures?
11. Does your organization have a Data Protection Impact Assessment process in place?
12. Has your organization appointed an individual responsible for data protection and compliance with GDPR?
13. Has your organization provided any GDPR training and awareness programme for its personnel?
14. Does your organization have a procedure or policy in place for the transfer of data to a third country or an international organization?
15. Does your organization maintain an insurance policy to cover its data protection liability concerns?
