Test criteria

An audit of one or more processors is based on the criteria of the Federal and State Data Protection Conference (DSK) for certification under Article 42 and on the assurance objectives of the DSK’s standard data protection model.

Audited are:

  • the offer of the processor
  • the contract for commissioned processing, if any, including the documentation of the technical-organizational data protection measures of the processor
  • any other legally binding agreements that may exist
  • any joint responsibility of the Processor and the Responsible Party, if any

compliance with the performance targets

  • Data minimization
  • Confidentiality
  • availability
  • Integrity
  • Transparency
  • Non-interlinking
  • Intervenability

The Processor is obligated to provide the Controller with all information and documents relevant to the decision, if applicable a certification according to Art. 42 GDPR or binding rules according to Art. 40 GDPR.


Ihnen gefällt diese Seite?
Dann freuen wir uns, wenn Sie uns weiter empfehlen.
Die Einbindung der social media Buttons erfolgt über die Shariff-Lösung der Ct. Ihre Daten werden erst an Dritte übertragen, wenn Sie aktiv auf einen der Buttons klicken.
Herzlichen Dank fürs Teilen und Weitersagen.