INTERNAL CONTROLSGDPR - GENERAL DATA PROTECTION REGULATIONCHAPTER IV: Controller and processorSECTION: 03 - Data protection impact assessment and prior consultationARTICLE: 35 - Data protection impact assessmentGENERAL GUIDELINES:This Document contains the Internal Controls based on the regulation of GDPR (General Data Protection Regulation). Implement these internal controls which can mitigate the risk of non-compliance with the regulation and avoid/mitigate the risk of legal implications due to non-compliance with the regulation (GDPR). Once the Internal Controls are implemented the auditor should review the compliance with SOPs and the Regulation "GDPR" on periodic basis and notify the irregularities/non-compliance. Furthermore, auditor should also look for the control weaknesses and suggest the controls if any.