Maintains an overview of the organisation’s information assets, identifies the information asset owners and implements internal audits including controls on storing, security, maintaining records of processing activities, data protection impact assessments, transfers, contracts and handling access to personal data.