The future CWA will provide GDPR-compliance guidelines for Traditional Micro-SMEs acting as controllers for low-risk processing operations. It will provide practical guidance on the key GDPR requirements to be considered by such Micro-SMEs translating these into the practical legal requirements they shall comply with, to be GDPR compliant.
The document will contain practical guidance, checklists, templates and examples that are ready to use to support a Traditional Micro-SME on its way to complying with its data protection obligations or to assess if a Traditional Micro-SME meets the requirements.
This CWA is applicable to Traditional Micro-SMEs. It can be used by these Micro-SMEs and by the service providers that assess them or support them to become GDPR compliant (e.g. consultants, trainers, accountants, lawyers, ICT providers, etc.).
A CWA is a pre-normative document developed within the Committee for Standardization (CEN) which reflects an agreement between identified individuals and organizations responsible for its contents.
Once it´s published, the CWA will be available for free on CEN´s website.
A public commenting phase on the CWA draft is now open until March 28. Anyone can provide its comments on the document through CEN´s website in the following link: https://www.cencenelec.eu/news/workshops/Pages/WS-2021-005.aspx