Page 71 - EQA Employee Handbook

P. 71

• Review of the Data Protection Policy.
7.9.3. Following completion of the Risk Assessment, a report shall be provided to the Chief Executive
outlining any identified nonconformities and/or opportunities for improvement, including any
recommendations to carry out a Data Protection Impact Assessment.

Appendix A

Table 1 List of documents referenced in the Data Protection Policy

Doc. No. Document Title Issue Date Location

N/A EQA (Ireland) Limited On- N/A 06/06/2018 \\SERVER\Administration\New
Line Certification Website Website
Privacy Statement
(www.securitycert.eqa.ie)

N/A EQA (Ireland) Limited N/A 06/06/2018 \\SERVER\Administration\New
Privacy Statement Website
(www.eqa.ie)

EQA (Ireland) General Terms & 2 06/06/2018 \\Server\eqa qms\Term &
Limited – Conditions Conditions of sale
General
Terms &
Conditions

Independent Independent Service 4 Oct 2017 \\Server\eqa qms\Assessors\Z
Service Contract Assessor Service Agreements
Contract

Info_Security Information Security Policy 1 Sep 2012 \\Server\eqa qms\Information
Security

DPA 1 ‘Data Processor 1 Jun 2018 \\SERVER\Administration\Data
Agreement’ Template Protection Act\Forms

PDI 1 EQA Personal Data 1 Jun 2018 \\SERVER\Administration\Data
Inventory Protection Act\

PDI 2 EQA Personal Data 1 Jun 2018 \\SERVER\Administration\Data
Inventory: Third Parties Protection Act\

DB 1 Data Breach Risk 1 Jul 2018 \\SERVER\Administration\Data
Assessment Form Protection Act\Forms

DAR 1 Personal Data Access 1 Jun 2018 \\SERVER\Administration\Data
Request Form Protection Act\Forms

DPI 1 Data Protection Impact 1 Jul 2018 \\SERVER\Administration\Data
Assessment Form Protection Act\Forms

Page 70 of 79

66 67 68 69 70 71 72 73 74 75 76