Ramona Baureis's picture

Process Landscape for Overview

To build my DSMS, I created an overview of the processes, documents and data flows of my business.

The DSMS contains all relevant processes, data flows and documents in a map so that questions can be answered quickly in the event of an enquiry by the data protection supervisory authority.

The process landscape is the basis for this. All necessary information is linked.



The upper area represents the documentation level. The following documents are linked here:

  • data protection guideline
  • data protection guideline
  • privacy statement
  • processing directory


Tasks of my Data Protection Officer

This is followed by the relevant tasks of my data protection officer.

The data breakdown reporting process is very important here. This is linked in the landscape. It can therefore be "navigated through" and viewed.


IT, Compliance with Data Protection, Rights of Data Sufferer

The following is an overview of the used IT, the processes for compliance with data protection and the rights of data sufferers.

I have listed all relevant IT "systems" according to data person-related processing. These are linked to corresponding processing processes.

These processes describe how I comply with data protection. Data models are also linked. These data models show the entities used with the corresponding attributes. So I can see exactly which data is used in which processing.


TOM's and Security Package

In the "TOM's and Security Package", all information is summarized in a whiteboard and displayed in columns, sorted according to topics such as data security, data deletion, etc. This gives me an overview of the measures I have implemented that are relevant to my business.



Through this construct I have created a tool that contains all necessary information centrally and makes it available quickly.

preview of A Data Protection Management System with ARIS Express (ARIS Express)
Tags: ARIS Express