Under Article 4 paragraph 3 DPCO, the Commissioner issues guidelines on the minimum requirements for data protection management systems. These include an appendix, explanatory notes and a number of diagrams. To see the documents, please click here: important documents.