Is the Information Audit a new requirement under GDPR?

Yes – documentation is a new requirement under the GDPR. It is mainly about keeping internal records of your processing activities. It reflects the increased importance of accountability and your obligation to ensure (and demonstrate) that what you do with people’s personal data is in line with the GDPR. Article 30 sets out the different types of information you need to document including the purposes of processing, categories of personal data and recipients of personal data.