Free 27001 – GDPR templates

This is our ‘secret’ free template page. If you found this page, you can use these ISO 27001 and GDPR templates.

About these templates

The templates on this page are made by the people of ICT Institute. We use these templates in our trainin sessions and our advisory work. We decided to make our templates available to anyone with hardly any restrictions. They are provided under the Creative Commons license Attribution license. You can do the following with the templates:

  • Share. You can share the templates and any documents made with these templates freely, with any one that you want to share it with.
  • Adapt. You can make new documents based on the templates, make changes, add elements or delete elements as much as you want. You can even do this in commercial organisations of for commercial purposes.

Note that the use of these templates is of course at your own risk. We made an effort to include all required items in the template, but when we use these templates we change them to fit the intended use. Note also that the ISO 27001 norm is copyright protetced. You must buy a copy of the norm before you can use it.

Note that we also offer 27001 and GDPR templates in Dutch. These are on this page: Nederlandse templates AVG en 27001.

GDPR templates

  • Data processing agreement – this agreement is needed if you share personal data with another organisation.
  • Joint controllership agreement – this agreement is needed when two parties collaborate and jointly decide why and how personal data is processed.
  • Register of data processing activities – this register is mandatory for almost all companies that process personal data.
  • Data protection impact assessment – if a new activity involves new personal data processing, you will need this template to determine if an impact assessment is required and to do the impact assessment.
  • Project plan template:Free template – Project plan. Using project plans is important to meet the “privacy and security” by design requirement from the GDPR. The template offers all basic project plan elements, including a privacy section, risks and information security impact.

Information security templates

Other resources

Image credit: @rawpixel via Unsplash