The GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. While primarily process-driven, there are a number of technical controls that can be followed.
|Article 25 - Data Protection by Design and by Default||The controller shall implement appropriate technical and organizational measures for ensuring that, by default, only personal data that are necessary for each specific purpose of the processing are processed.|
|Article 30 - Records of Processing Activities||The controller shall maintain a record of processing activities under its responsibility.|
|Article 32 - Security of Processing||The controller shall implement appropriate technical and organizational measures that consider the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.|
To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.