The integrated EU GDPR and ISO 27001:2013 documentation kit contain more than 155 editable MS-Word files. These editable documents address all the elements of the Information security management system and the General Data Protection Regulation.

  • A Manual
  • Required Procedures
  • Formats
  • Sample Filled Forms

Original price was: $950.00.Current price is: $600.00.



All ISO documents are designed under the guidance of experienced ISO consultants.

Content of EU GDPR Integrated with ISO 27001 ISMS Documentation Kit

The EU GDPR and ISO 27001 integrated documents are editable and many organizations and ISO 27001 consultants are using these documents. The contents of the documentation kit, which we offer, include more than 155 editable files as listed below. These are written in easy to understand language and available in editable format.

  1. ISMS Manual: A sample ISO 27001:2013 manual is given, which explains macro-level management strategy and commitment and how the information security system is implemented.
  2. ISMS and GDPR Policy: 23 ISMS policies and 06 GDPR policies are given in this module, which helps to frame the information security controls and GDPR implementation.
  3. ISO 27001 and GDPR Procedures: It includes 12 information security and 7 ISMS system related procedures as well as 6 GDPR procedures to implement the effective system in the organization.
  4. Standard Operating Procedures: There are 9 SOPs given to establish controls for information security.
  5. Process Flow Charts: Total 06 Process flow charts that cover process flow activities of all the main and critical processes with an input-output matrix for a manufacturing organization.
  6. Forms for record-keeping: A set of 45 ISMS templates and 16 GDPR templates, which are sample forms to demonstrate the implementation of the integrated EU GDPR and ISMS systems.
  7. Filled forms: It includes a total of 9 filled forms for an asset register, risk assessment, risk treatment, scope document for quick record keeping as well as 6 job descriptions filled formats.
  8. ISO 27001 Audit checklist: It includes more than 500 audit questions for auditing implemented systems.
    • Audit questions to verify mandatory system implementation points
    • ISMS controls related to ISO 27001:2013 audit checklist
    • Good information security related to best practice verification questions.
  9. Document Compliance Matrix: It includes a 01 Excel file with GDPR as well as an information security management system document compliance matrix.

The entire integrated EU GDPR and ISO 27001:2013 documents listed above are editable. Users can easily modify the name of the company, its logo, and other required parameters to prepare its organizational GDPR and information security system based documents quickly and economically.

The integrated system implementation of the General Data Protection Regulation(GDPR) and Information Security Management System(ISMS) to develop data protection and information security-related controls are necessary for every IT operational organization. Our EU GDPR – ISO 27001 Documents kit gives more than 155 different types of sample templates to establish a well-integrated system as per GDPR and ISMS requirements.

Documentation: –

Our documentation kit contains sample documents required for system certification as listed below. All documents are in MS-Word/Excel files and you can edit them. You can make changes as per your organization’s need and within few days your entire documents with all necessary controls will be ready. In the ISO 27001:2022, documented information (procedures, SOPs, etc.) are required a few places only. But for making the system better, we have provided many editable templates from which a user can select templates as per their own requirement and make some minor changes in them to make own system. Two types of documented information are provided in this kit, as listed below:

  1. Maintain documented information (Scope, Manual, etc.)
  2. Retain documented information (Forms / Templates)

Under the main directories, further files are provided in MS Word document as per the details given below.

1. ISMS Manual:

It covers sample copy of information security management system manual and clause wise details for how ISMS systems are implemented. It covers list of procedures as well as overview of organization and covers tier1 of ISMS documents.

(A) Table of Contents

4 to 10 – Detail chapters explaining management commitment and at macro level how system is implemented to comply requirements

2. GDPR & Information Security Policies

  2.1 Information security Policies (29 policies)

It covers guideline for controls applied as per ISMS guidelines. The policy document templates are provided to frame the information security controls as listed below.

List of policies

  1. Acceptable Use Policy-Information Services
  2. Infrastructure Policy
  3. Policy for Access Card
  4. Backup Policy
  5. Clear Desk and Clear Screen Policy
  6. Physical Media & Disposal Sensitive Data
  7. Electronic Devices Policy
  8. LAN Policy
  9. Training Policy
  10. Mobile Computing Policy
  11. Telework Policy
  12. Laptop Policy
  13. Internet acceptable user policy
  14. Messenger and E-mail
  15. Password Policy
  16. Patch Management
  17. User Registration Access Management
  18. Policy for Working in Secured Areas
  19. Visitor Policy
  20. Work Station Policy
  21. Cryptographic Policy
  22. IT Access Control Policy
  23. Change Control
  24. Cloud Security Policy
  25. Freeware and Shareware Policy
  26. Operation Security
  27. IT Incident Recording and Reporting Policy
  28. Personally identifiable information policy (PII)
  29. Data Protection Policy

2.2 GDPR Policies (06 policies)

It covers guideline applied as per GDPR guidelines. The policy document templates are provided to frame the GDPR implementation as listed below.

List of Policies

  1. Data Protection Policy
  2. Privacy by Design / by Default Policy
  3. Data Retention Policy
  4. Cross-border processing or transfers of personal data
  5. Data Classification Policy
  6. Cookies Policy

3. GDPR & Information Security Procedures

 3.1 Information security procedures (20 procedures)

It covers sample copy of mandatory all the Information security management system procedures covering all the details as per ISMS requirements.

List of ISMS Procedures

  1. Procedure for Management Review
  2. Procedure for Documented Information Control
  3. Procedure for Corrective Action
  4. Procedure for Control of Record
  5. Procedure for Information Security Management System Internal Audit
  6. Procedure for Control of Nonconformity and Improvement
  7. Procedure for Personnel and Training
  8. Procedure for Scope Documentation for Implementation
  9. Approach Procedure for ISMS Implementation
  10. Procedure for Risk Assessment
  11. Procedure for ISMS change management
  12. Procedure for Organization Security
  13. Procedure for Assets Classification & Control
  14. Procedure for Human Resource Security
  15. Procedure for Physical and Environmental Security
  16. Procedure for Communication & Operational Management
  17. Procedure for Access Control
  18. Procedure for System Development and Maintenance
  19. Procedure for Business Continuity Management Planning
  20. Procedure for Legal Requirements

 3.2 GDPR Procedures: (06 Procedures)

It covers sample copy of mandatory all the general data protection regulation procedures covering all the details as per GDPR requirements.

List of GDPR Procedures

  1. Data Inventory Procedures
  2. Obtaining Valid Consent
  3. Data Protection Impact Assessment
  4. Subject Access Request Procedure
  5. Data Breach notification & handling Procedures
  6. Procedure for handling GDPR Data Subject Rights

4. Standard Operating Procedures (09 SOPs)

It covers sample copy of SOPs to link with significant aspects issues in the organization. It takes care of all such issues and used as a training guide as well as to establish control and make system in the organization. The samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements.

List of SOPs

  1. SOP for Liaison with specialist organizations
  2. SOP for Group Internet and E-mail Usage
  3. SOP for Software configuration management
  4. SOP for Server hardening
  5. SOP for the Management of removable media
  6. SOP for the Handling of virus attacks
  7. SOP for Information security incident management
  8. SOP for Audit trails
  9. SOP for Business Continuity Plan

5. Process Flow Charts (06 Process Flow Charts)

It covers guideline for processes, process model. It covers process flow chart activities of all the main and critical processes with input-output matrix for manufacturing organization. It helps any organization in process mapping as well as preparing process documents for own organization.

List of Process Flow Chart

  1. Tax Account Related BPO-Work
  2. Marketing
  3. Purchase
  4. Software Development
  5. HRD and Training
  6. Web Application

6. Blank Formats (61 Blank formats)

It covers sample copy of blank forms required to maintain records as well as establish control and make system in the organization. The samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements.

List of blank formats

  1. Visitor Entry Register
  2. Employee leaving/transfer/termination Checklist
  3. Employment confidentiality and Non-competition agreement
  4. Job Description and Specification
  5. Supplier confidentiality and Non-competition agreement
  6. Training Calendar
  7. Employees Competence Report
  8. Security incident Investigation Form
  9. Asset Identification and Classification
  10. Capacity Planning
  11. Business Continuity Test Report
  12. Key Activities Input and Output
  13. ISMS Objective Monitoring Report
  14. Induction Training Report
  15. Training Report
  16. Skills Matrix Sheet
  17. Purchase Order
  18. Material Inward / Outward Record
  19. Approved Supplier List
  20. Contract Review Checklist / Summery of Contract
  21. Customer Complaint Report
  22. Customer Feedback Form
  23. Service level agreement
  24. Statement of Applicability report
  25. Outsourced Service Details
  26. Implementation of Recommended Controls
  27. Change Note
  28. Breakdown History Card
  29. Preventive Maintenance Checklist
  30. Master List and Distribution List of Document
  31. Corrective Action Report
  32. Software Project Plan and Review Approval Register
  33. Master List of Record
  34. IS Objectives Plan
  35. Minutes of meeting
  36. Configuration Items List
  37. Change Request
  38. Asset Identification and Classification
  39. Risk Assessment and Treatment Plant
  40. New User Creation Form
  41. Media Disposal and Scrap Record
  42. Parent/legal guardian consent form
  43. Parental consent withdrawal form
  44. GDPR consent form
  45. DPIA Template
  46. Standard Contractual Clauses for Third Parties
  47. Data subject action request form
  48. Audit Plan / Program
  49. ISMS Internal Audit NCR Report
  50. ISO 27001:2022 Audit Checklist Report
  51. Minutes of meeting
  52. Continual Improvement Monitoring Log
  53. Change management request form
  54. Communication report
  55. List of licenses
  56. Data Breach notification &investigation from
  57. Inter Company Agreement
  58. Data Subject Right to erasure request form
  59. Data Subject Consent Withdrawal Form
  60. DPO appointment letter
  61. Access Request Confirmation Letter

7. Filled formats (34 Filled formats)

It covers sample copy of filled forms required to maintain records as well as establish control and make system in the organization. The filled samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements.

List of filled formats

  1. Asset Register and Evaluation – sample 1
  2. Asset Identification and Classification – sample 2
  3. New User Creation Form
  4. Media Disposal and Scrap record
  5. Security incident & investigation form
  6. Capacity Planning
  7. Business Continuity Test Report
  8. ISMS Objectives Monitoring Sheet
  9. Visitor Entry Register
  10. Customer Feedback Form
  11. Communication report
  12. Customer Complaint Report
  13. Employee Leaving/Transfer/Termination Checklist
  14. Approved Supplier List
  15. Supplier registration form
  16. Training Calendar
  17. Employees Competence Report
  18. Master List and Distribution List of Document
  19. Change Note
  20. Corrective Action Report
  21. Master List of Records
  22. Objective Plan
  23. Audit Plan / Program
  24. ISMS Internal Audit Non-Conformity Report
  25. ISO/IEC 27001:2022 Audit Checklist Report
  26. Induction Training Report
  27. Training Report
  28. Skills Matrix Sheet
  29. Preventive maintenance checklist
  30. Breakdown History Card
  31. Master Compliance Matrix
  32. Scope Document for ISMS Implementation
  33. People Assets
  34. Vulnerability Assessment Tools List

8. Audit Checklist (More than 500 Audit check list questions)

ISMS requirement wise as well as technical audit checklist and best practices are given.

  1. ISMS Good Practices Audit Checklist
  2. ISMS Clausewise
  3. Controls Audit Checklist

9. Job description (11 job description)

It covers sample copy of job descriptions. List given below;

List of job description

  1. Job description for Director
  2. Job description for Finance & Account manager
  3. Job description for HR Head
  4. Job description for IS Manager
  5. Job description for IT consultant
  6. Job description for Marketing & business development manager
  7. Job description for Networking Engineer
  8. Job description for DPO
  9. Job description for Project Manager
  10. Job description for QC Head
  11. Job description for Software Developer

10.Sample MRM

It covers sample copy management review meeting, agenda of management review meeting and objective review.

11.Filled sample risk sheet

It covers sample copy filled risk assessment and treatment plan as per information security management system requirements.

12.Filled Statement of applicability (SOA)

It covers sample copy filled statement of applicability (SOA) as per information security management system requirements.

13.GDPR along with ISO 27001 Compliance Matrix

This compliance matrix contains GDPR along with ISO 27001:2022 requirement wise list of documented information for easy reference of users and to understand how this system is made.

How useful?

  • The total documents for ISMS – ISO 27001 certification and EU GDPR certification are ideal to be used by any individual or by a facilitator working with large groups to successfully implement it in their organizations.
  • The integrated EU GDPR with ISMS documentation kit can be useful to accelerate the documentation process, which results in quick certification.
  • The users can very easily modify the templates according to their products and create the documents for their organization quickly and economically.
  • The GDPR policies and ISMS policies given in this kit help users to develop information security and data protection control effectively.
  • Ready-made templates are provided, which can reduce your time in the preparation of documents and ISO 27001 audit checklists for quick certification.
  • The kit takes to care of all the sections and sub-sections of information security management system requirements as well as EU GDPR requirements. We have cross-referred the requirements with our documents to give you better confidence in your system.
  • This excellent set of ISO 27001 and GDPR documents gives complete help to the users in making an integrated system with EU GDPR. Many companies are implementing ISO 27001:2013 system and getting benefits of ISO 27001 certification as improved information security in their day-to-day business.
  • We provide a complete demo as well as sample documents, with a quick BUY option, that helps the user to understand the list of all documents covered in the kit.


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.