Guidelines 01/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR
SECTION 3 GENERAL REQUIREMENTS
a Are all relevant terms used in the criteria catalogue (i.e. the full set of certification criteria) identified, explained and described?
b Are all normative references identified?
c Do the criteria include the definition of data protection responsibilities, procedures and processing covered by the scope of the certification mechanism?