Guidelines on Data Protection Officers (‘DPOs’) (wp243rev.01)
Section 4.1. Monitoring compliance with the GDPR
Article 39(1)(b) entrusts DPOs, among other duties, with the duty to monitor compliance with the GDPR. Recital 97 further specifies that DPO ‘should assist the controller or the processor to monitor internal compliance with this Regulation’.
As part of these dutiesto monitor compliance, DPOsmay, in particular:
collect information to identify processingactivitiesan
alyse and check the compliance of processing activities
inform, advise and issue recommendations to the controller or the processor