Certification criteria developed in conjunction with the supervisory authorities provide precise requirements for:
- certification of conformance
- training course content
- implementation guidance
- assurance services.
Criteria are developed in accordance with a rigorous review and approval process. All certification schemes have a clearly defined scope and indicate what is not included. They are designed to be applied to any kind of processing in a consistent and reliable manner. It is important that a clear understanding of what processing of personal data is covered and how the GDPR obligations will be undertaken and delivered.