ROPA – Record of Processing Activity
The simple and easy to use Record of Processing Activities Template – ROPA allows you to record and evidence what data you have in a GDPR and data protection compliant way. All of the GDPR and Data Protection Records of Processing Activity (ROPA) requirements are include. Easily track and record your data assets and meet the requirements of ISO 27001 and the GDPR.
This simple and easy to use data asset register is based on the GDPR Data Protection Records of Processing Activity, a gold standard in data protection.
We are so confident that it will meet your needs that if it doesn’t, we will give you your money back.
ISO 27001 Product Contents
Article 30 of the General Data Protection Regulation (GDPR) requires written documentation of procedures concerning personal data you process within your organisation. The ROPA addresses these requirements as well as the requirements of ISO 27001. With the ROPA you can easily record and evidence:
- GDPR Article (a) the name and contact details of the controller and, where applicable, the joint controller, the controller’s representative and the data protection officer
- GDPR Article (b) the purposes of the processing;
- GDPR Article (c) a description of the categories of data subjects and of the categories of personal data
- GDPR Article (d) the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations
- GDPR Article (e) where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards
- GDPR Article (f) where possible, the envisaged time limits for erasure of the different categories of data
- GDPR Article (g) where possible, a general description of the technical and organisational security measures referred to in Article 32(1)
Reviews

ISO 27001 Requirement Met
ISO 27002:2002 Clause 8
Asset Management
ISO 27002:2002 Clause 8.1.1 Inventory of Assets
Assets associated with information and information processing facilities shall be identified and an inventory of these assets shall be drawn up and maintained.
ISO 27002:2002 Clause 8.1.2 Ownership of Assets
Assets maintained in the inventory shall be owned.
Quick Look

ROPA / Data Asset Register Walkthrough
Meet the Team behind the ISO 27001 Templates
At Hight Table the ISO 27001 Company we have been in Governance Risk and Compliance for over 25 Years. These are the ISO 27001 policies, ISO 27001 templates and ISO 27001 toolkit that we use day in and day out.
Reviews
There are no reviews yet.