[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fm23HXw17eTDN0UdbU1XHCHJRbaiBi6eljfcmOyCIx5o":3},{"sections":4,"resultAnalysis":814,"id":917,"version":918,"newVersion":23,"label":919,"isPinned":142,"isShared":142,"sharingToken":920,"isRevision":23,"isBlockAnalysisShared":142,"nbReferences":921,"referenceId":9,"nbResponses":11,"parentId":9,"revisionDescription":922,"logoUrl":923,"description":924,"scheduleIntervalDays":9,"versionNumber":79,"dateCreation":925,"dateUpdate":926,"dateArchived":9,"archived":23,"type":927,"typeIndex":79,"typeColor":9,"typeIcon":9,"typeText":928,"creator":929,"objectType":9,"defaultOwners":937,"tags":938,"privacyHubs":9,"nbQuestions":950,"nbQuestionsRequired":950,"nbDatas":11,"deadLineDays":9},[5,144,258,371,461,554,645,725],{"id":6,"slug":7,"label":8,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":13,"questions":14,"sections":143},"79d5908b-6e9c-44cb-94c3-7ddb249d381e","procedures","Procédures",null,"Default",0,"SectionType_Default","",[15],{"id":16,"slug":17,"label":18,"tooltipHtml":13,"descriptionHtml":19,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":24,"displayConditions":9,"answers":25,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"afa12e7b-9767-4028-a6a6-63643116928a","definition-tenue-a-jour-et-communication-des-politiques-et-procedures-generales-relatives-a-la-gestion-des-donnees-personnelles-et-a-la-protection-de-la-vie-privee-charte-dutilisation-du-systeme-dinformation-clauses-contractuelles-types-etc-verification-de-leur-application-et-declenchement-des-eventuelles-mesures-prevues-en-cas-de-manquement","Des procédures de protection des données sont-elles définies et mises en œuvre ?","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués :\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Définir et mettre en œuvre des procédures de protection des données\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Définition, tenue à jour et communication des politiques et procédures générales relatives à la gestion des données personnelles et à la protection de la vie privée (charte d’utilisation du système d’information, clauses contractuelles types, etc.), vérification de leur application et déclenchement des éventuelles mesures prévues en cas de manquement\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cem>Définition\u003C/em> par la direction juridique, direction des risques ou direction des systèmes d’information,\u003C/p>\u003Cp>\u003Cem>Vérification\u003C/em> via les processus de contrôle interne\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>","Radio",7,"Liste de cases à cocher (une seule réponse)",false,[],[26,76,100,115,127,135],{"id":27,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":31},"b61579db-34ac-4d6f-9be0-e777fa54b6bb","#dc3545","0 : Pratique inexistante ou incomplète"," Rien n’est fait en matière de protection des données. Celle-ci n’est pas connue ni prise en charge au sein de l’organisme et le besoin n’est pas reconnu.",[32,41,46,51,56,61,66,71],{"id":33,"label":34,"userId":9,"color":35,"description":36,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"73b5f3fd-0e7e-472b-b6ea-0d9277d97a52","Revoir, mettre à jour et améliorer les documents​","#084887","\u003Cul>\u003Cli>\u003Cp>Établir un calendrier de révision régulière\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procéder à la révision des documents actuels\u003C/p>\u003C/li>\u003Cli>\u003Cp>Mettre à jour les documents\u003C/p>\u003C/li>\u003Cli>\u003Cp>Communication des mises à jour\u003C/p>\u003C/li>\u003Cli>\u003Cp>Suivi et évaluation continue\u003C/p>\u003C/li>\u003Cli>\u003Cp>Audit et contrôle\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>","Medium",2,"#ffc107","Moyen",{"id":42,"label":43,"userId":9,"color":44,"description":45,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c2fbfa01-1c40-4ad2-a863-fb5d7180afea","Produire des indicateurs de suivi​","#1ab586","\u003Cul>\u003Cli>\u003Cp>Indicateurs de conformité générale\u003C/p>\u003C/li>\u003Cli>\u003Cp>Indicateurs de gestion des droits des personnes concernées\u003C/p>\u003C/li>\u003Cli>\u003Cp>Indicateurs de sécurité des données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Indicateurs de conservation et suppression des données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Indicateurs de gestion des consentements\u003C/p>\u003C/li>\u003Cli>\u003Cp>Rapports de conformité\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":47,"label":48,"userId":9,"color":49,"description":50,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"987a45ea-7e92-4a12-9ceb-95e3b29752ab","Contrôler les documents​","#70cbd5","\u003Cul>\u003Cli>\u003Cp>Établir une politique de gestion documentaire\u003C/p>\u003C/li>\u003Cli>\u003Cp>Créer un registre des activités de traitement\u003C/p>\u003C/li>\u003Cli>\u003Cp>Mettre en place des procédures de revue et d'audit\u003C/p>\u003C/li>\u003Cli>\u003Cp>Contrôler les politiques et les procédures de confidentialité\u003C/p>\u003C/li>\u003Cli>\u003Cp>Évaluer les accords de sous-traitance\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":52,"label":53,"userId":9,"color":54,"description":55,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0c4da64f-313a-422e-8383-5803fa21c8e6","Formaliser des procédures​","#6f42c1","\u003Cul>\u003Cli>\u003Cp>Procédure de collecte et de traitement des données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédure de gestion des droits des personnes concernées\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédure de gestion des violations de données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédure de conservation et de suppression des données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédure de gestion des consentements\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":57,"label":58,"userId":9,"color":59,"description":60,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3e213009-ee55-432f-94a7-48f09321d7fa","Transmettre aux personnes une documentation formelle et validée par la direction","#727a94","\u003Cul>\u003Cli>\u003Cp>Élaboration de la documentation (Politique de protection des données, Charte IT, etc)\u003C/p>\u003C/li>\u003Cli>\u003Cp>Formation et sensibilisation\u003C/p>\u003C/li>\u003Cli>\u003Cp>Mise à jour et révision régulières\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":62,"label":63,"userId":9,"color":64,"description":65,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"fe4ebdfe-747a-4010-81ec-eb6c2c701840","Rendre les règles opposables aux salariés (charte IT)​","#6610f2","\u003Cul>\u003Cli>\u003Cp>Élaboration de la charte IT\u003C/p>\u003C/li>\u003Cli>\u003Cp>Validation et adoption\u003C/p>\u003C/li>\u003Cli>\u003Cp>Communication et formation\u003C/p>\u003C/li>\u003Cli>\u003Cp>Mise à jour régulière\u003C/p>\u003C/li>\u003Cli>\u003Cp>Surveillance et contrôle\u003C/p>\u003C/li>\u003Cli>\u003Cp>Gestion des incidents\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":67,"label":68,"userId":9,"color":69,"description":70,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"64ac55b6-1335-4f4f-9a1f-ec5352c87c02","  Partager des documents au personnel​","#17a2b8","\u003Cul>\u003Cli>\u003Cp>Politique de confidentialité interne\u003C/p>\u003C/li>\u003Cli>\u003Cp>Guide des droits des personnes concernées\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédures de gestion des incidents de sécurité\u003C/p>\u003C/li>\u003Cli>\u003Cp>Plan de formation et sensibilisation\u003C/p>\u003C/li>\u003Cli>\u003Cp>Procédures de réponse aux demandes d’exercice des droits\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":72,"label":73,"userId":9,"color":74,"description":75,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e0df4309-0015-4e2a-b1c9-e74cfc18c9a5","Mettre en œuvre certaines bonnes pratiques​","#1e8ee1","\u003Cul>\u003Cli>\u003Cp>Cartographier les données\u003C/p>\u003C/li>\u003Cli>\u003Cp>Réviser et ajuster régulièrement les mesures et les pratiques de protection des données pour rester en conformité avec les évolutions législatives et technologiques\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":77,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":80,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":81},"4333b5cf-979a-4861-b642-4cb1add993ae","1 : Pratique informelle (quelques actions isolées)",1,"Quelques bonnes\npratiques sont\nponctuellement\nmises en œuvre\n(ex. : minimisation\nde la collecte ou\neffacement des\ndonnées\nobsolètes,\nmentions\nd'information).",[82,88,90,92,94,96,98],{"id":83,"label":34,"userId":9,"color":84,"description":36,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"23e42d6f-1d49-48a0-b623-99a64d22fa09","#374d6a","High","#DC3545","Élevé",{"id":89,"label":43,"userId":9,"color":35,"description":45,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"c9eed8f6-83a5-4ac2-9450-d23af01c37b2",{"id":91,"label":48,"userId":9,"color":49,"description":50,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"74b588a4-8537-4356-9695-c2fa2b891a37",{"id":93,"label":53,"userId":9,"color":54,"description":55,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"12802ea0-8136-444c-83b1-c8063075c2eb",{"id":95,"label":58,"userId":9,"color":59,"description":60,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"0b58f366-07d0-4b53-9ed4-28d7f3525496",{"id":97,"label":63,"userId":9,"color":64,"description":65,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"a9a751a9-703c-4387-bfdd-46cffe9aa584",{"id":99,"label":68,"userId":9,"color":69,"description":70,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"d24faca3-fc23-4930-846a-13633556162c",{"id":101,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":103,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":104},"ec605784-0cac-4c16-831f-befc85e4d3b3","2 : Pratique répétable et suivie (des actions reproductibles)","Des documents relatifs\nà la protection des\ndonnées (bonnes\npratiques, règles,\nexemples, etc.) sont\npartagés.\nIl existe une\ndocumentation (ex. :\ncharte d'utilisation des\nmoyens informatiques)\ncomportant des règles\nrelatives à la\nprotection des\ndonnées. ",[105,107,109,111,113],{"id":106,"label":34,"userId":9,"color":54,"description":36,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"6476aff8-0cf0-4db0-8c97-713069f57cbe",{"id":108,"label":43,"userId":9,"color":59,"description":45,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"1ebfc402-69af-4b16-9e41-d68f530be636",{"id":110,"label":48,"userId":9,"color":64,"description":50,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"b0ef854b-e9a4-4e2b-8546-59a9f69cac5a",{"id":112,"label":53,"userId":9,"color":69,"description":55,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"75d291d0-ce82-4ba4-bcc5-24141c734a96",{"id":114,"label":58,"userId":9,"color":74,"description":60,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"4bdd5bf8-9249-4ee7-bddf-f3395f044812",{"id":116,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":119,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":120},"766391bb-2fbd-47f4-830a-17fcab11ec96","3 : Processus défini (standardisation des pratiques)",3,"Une documentation\nformelle (ex. : politique\nde protection des\ndonnées), approuvée par\nle comité de direction,\nest communiquée à\nl’ensemble du personnel.\nDes procédures sont\nformalisées et transmises\nà l’ensemble du\npersonnel.\nLes règles sont\nappliquées.",[121,123,125],{"id":122,"label":34,"userId":9,"color":69,"description":36,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"4c99dd5c-7b9a-4ffb-91a3-f2078e3ab4eb",{"id":124,"label":43,"userId":9,"color":64,"description":45,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"41997928-36f4-4f23-8074-cb815c409c70",{"id":126,"label":48,"userId":9,"color":74,"description":50,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"d1a9792a-46b8-4cf6-89f7-18b29a217ccc",{"id":128,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":131,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":132},"97fe1af5-a7fd-4b8b-bf5d-c0a0739f856c","4 : Processus contrôlé (mesure quantitative et correction des défauts)",4,"Une revue annuelle des\npolitiques et\nprocédures est\nréalisée.\nDes indicateurs sont\nproduits (ex. : sur la\nmise en œuvre des\nrègles, sur les\ndifficultés rencontrées,\nsur leur efficacité, etc.).",[133],{"id":134,"label":34,"userId":9,"color":74,"description":36,"priority":85,"priorityIndex":79,"priorityColor":86,"priorityIcon":9,"priorityText":87},"513bc680-e4d6-4eed-9450-f8ce59e0f58e",{"id":136,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":140,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":141},"e7c16140-8f64-4ce2-b554-4211f2eeeb75","#22e292","5 : Processus continuellement optimisé (amélioration continue)",5,"Les politiques et\nprocédures sont mises à\njour dès identification\nd’une amélioration\npossible.",[],true,[],{"id":145,"slug":146,"label":147,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":13,"questions":148,"sections":257},"c338cbd9-7959-4867-adb0-000fd58cce69","gouvernance","Gouvernance",[149],{"id":150,"slug":151,"label":152,"tooltipHtml":13,"descriptionHtml":153,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":154,"displayConditions":9,"answers":155,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"4d35753d-d69c-48cd-aaae-38b40af21256","definition-tenue-a-jour-et-communication-des-politiques-et-procedures-generales-relatives-a-la-gestion-des-donnees-personnelles-et-a-la-protection-de-la-vie-privee-charte-dutilisation-du-systeme-dinformation-clauses-contractuelles-types-etc-verification-de-leur-application-et-declenchement-des-eventuelles-mesures-prevues-en-cas-de-manquement_1","Comment est pilotée la gouvernance de la protection des données ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués :\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Piloter la gouvernance de la protection des données\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Définition, mise en place, mise en œuvre, communication et amélioration de la stratégie de protection des données au sein de l'organisme (gouvernance, rôles et responsabilités, y compris ceux du délégué à la protection des données – DPO).\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Direction générale de l’entreprise et, selon les organismes, pilotage et mise en œuvre par la direction juridique, la direction des risques ou la direction des systèmes d’information.\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[156,193,213,231,245,253],{"id":157,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":158},"f21e0af7-dead-49b2-bfac-328391ce228e",[159,163,166,170,174,177,181,185,189],{"id":160,"label":161,"userId":9,"color":49,"description":162,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"882d625c-3d7e-4136-976a-a9bf6e923bfb","Améliorer en continu le dispositif​","\u003Cul>\u003Cli>\u003Cp>Collecte de feedback et évaluation des pratiques\u003C/p>\u003C/li>\u003Cli>\u003Cp>Analyse des incidents et des tendances\u003C/p>\u003C/li>\u003Cli>\u003Cp>Veille juridique et réglementaire\u003C/p>\u003C/li>\u003Cli>\u003Cp>Formation continue\u003C/p>\u003C/li>\u003Cli>\u003Cp>Audits internes et externes\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":164,"label":165,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2731792c-303b-4fef-95dd-7548647a7385"," Obtenir une certification du DPO​",{"id":167,"label":168,"userId":9,"color":44,"description":169,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"37c4834b-1a48-4ea5-a7ed-4047e47420fe","Réaliser un reporting périodique​","\u003Cul>\u003Cli>\u003Cp>Définition des objectifs du reporting\u003C/p>\u003C/li>\u003Cli>\u003Cp>Détermination de la fréquence et du format\u003C/p>\u003C/li>\u003Cli>\u003Cp>Collecte des données pertinentes\u003C/p>\u003C/li>\u003Cli>\u003Cp>Analyse des données et identification des tendances\u003C/p>\u003C/li>\u003Cli>\u003Cp>Présentation du rapport aux parties prenantes\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":171,"label":172,"userId":9,"color":35,"description":173,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ce45118e-fc72-4a79-9be1-b99bc7b1b611","Créer un réseau de relais interne​","\u003Cul>\u003Cli>\u003Cp>Identification des relais potentiels\u003C/p>\u003C/li>\u003Cli>\u003Cp>Formation des relais\u003C/p>\u003C/li>\u003Cli>\u003Cp>Attribution des responsabilités\u003C/p>\u003C/li>\u003Cli>\u003Cp>Communication et sensibilisation\u003C/p>\u003C/li>\u003Cli>\u003Cp>Facilitation du dialogue\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":175,"label":176,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8f792198-d0c0-423d-a48a-fd7f1fb2e239","Réaliser un bilan régulier auprès des dirigeants​",{"id":178,"label":179,"userId":9,"color":59,"description":180,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"96d98b9c-2d08-47c3-8344-69312c1ae567","Créer la procédure de gouvernance de la donnée​","\u003Cul>\u003Cli>\u003Cp>Identification des parties prenantes\u003C/p>\u003C/li>\u003Cli>\u003Cp>Définition des responsabilités\u003C/p>\u003C/li>\u003Cli>\u003Cp>Élaboration des politiques et procédure\u003C/p>\u003C/li>\u003Cli>\u003Cp>ect\u003C/p>\u003C/li>\u003C/ul>",{"id":182,"label":183,"userId":9,"color":64,"description":184,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"49eba526-5976-4f1e-ae58-5a286bec5b2c","Désigner officiellement un DPO​","\u003Cul>\u003Cli>\u003Cp>Identification des candidats potentiels\u003C/p>\u003C/li>\u003Cli>\u003Cp>Évaluation des compétences et de l'expérience\u003C/p>\u003C/li>\u003Cli>\u003Cp>Formation et certification\u003C/p>\u003C/li>\u003Cli>\u003Cp>Nomination et communication\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":186,"label":187,"userId":9,"color":69,"description":188,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e8d89455-edd7-459c-aa78-538b529af042","Identifier une personne gérant les sujets RGPD​","\u003Cul>\u003Cli>\u003Cp>Expertise en protection des données personnelles\u003C/p>\u003C/li>\u003Cli>\u003Cp>Compétences en gestion et communication\u003C/p>\u003C/li>\u003Cli>\u003Cp>Capacité à former et sensibiliser\u003C/p>\u003C/li>\u003Cli>\u003Cp>Gestion des risques et des incidents\u003C/p>\u003C/li>\u003Cli>\u003Cp>Expérience et formation continue\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":190,"label":191,"userId":9,"color":74,"description":192,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3dd82388-5c87-4e5c-a742-6271b8853367","Identifier des compétences RGPD interne​","\u003Cul>\u003Cli>\u003Cp>Connaissance de la législation\u003C/p>\u003C/li>\u003Cli>\u003Cp>Connaissance des systèmes et processus Internes\u003C/p>\u003C/li>\u003Cli>\u003Cp>Gestion de la conformité\u003C/p>\u003C/li>\u003Cli>\u003Cp>etc\u003C/p>\u003C/li>\u003C/ul>",{"id":194,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":195,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":196},"e01e8627-3c6e-4fed-9a12-dedcf6469253","Des compétences\nrelatives à la\nprotection des\ndonnées sont\nidentifiées au sein\nde l'organisme (ex\n: service juridique)\net exploitées\nponctuellement.",[197,199,201,203,205,207,209,211],{"id":198,"label":161,"userId":9,"color":49,"description":162,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7574e2bf-21d2-4535-961c-8f51f266ce49",{"id":200,"label":165,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9d725ded-03f7-4a3b-8d7b-e34cfa3c3a78",{"id":202,"label":168,"userId":9,"color":44,"description":169,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"468e6466-4b89-4a33-97bf-cf6f8f755011",{"id":204,"label":172,"userId":9,"color":35,"description":173,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0d0af6aa-f21f-4df0-819b-6abcad4ec300",{"id":206,"label":176,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6eb7c775-dfb9-45cf-8825-5fa576cbdb3e",{"id":208,"label":179,"userId":9,"color":59,"description":180,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"bf410cb1-4e2e-4cc0-bce8-46157f6d2557",{"id":210,"label":183,"userId":9,"color":64,"description":184,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3dfca5ed-012c-4602-ad15-048acf014769",{"id":212,"label":187,"userId":9,"color":69,"description":188,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2347db58-a5ff-4fe4-8806-f6dc50559a0e",{"id":214,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":215,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":216},"2b1b6a97-a672-4591-a28c-1de2b534f031","Un responsable des\nquestions relatives à la\nprotection des\ndonnées, chargé\nnotamment des\ninteractions avec les\npersonnes concernées\n(courriers, etc.), est\nidentifié",[217,219,221,223,225,227,229],{"id":218,"label":161,"userId":9,"color":49,"description":162,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"076114ff-a526-4e18-88ed-92b560cabaff",{"id":220,"label":165,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"803b7373-61e7-4725-9877-a0da93e1b038",{"id":222,"label":168,"userId":9,"color":44,"description":169,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"be3d042c-f2bf-431d-b65a-e42449b59e4c",{"id":224,"label":172,"userId":9,"color":35,"description":173,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"13c1583e-61e3-42fd-b18d-800d20ed101a",{"id":226,"label":176,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ebb338f9-2f92-42c7-b3fb-d08471039533",{"id":228,"label":179,"userId":9,"color":59,"description":180,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e7e76e5d-5029-41e5-9643-49d7edbc855b",{"id":230,"label":183,"userId":9,"color":64,"description":184,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7c63c056-b1d1-4803-aa68-dc1b61b51a56",{"id":232,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":233,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":234},"b7cc8604-4df8-4cfb-ab44-4b7282bc872f","Un délégué à la\nprotection des données\nest désigné auprès de\nl’autorité nationale de\nprotection des données\npersonnelles (avec une\nfiche de poste ou une\nlettre de mission\nformelle et connue du\npersonnel), une\norganisation est mise en\nplace et les rôles et\nresponsabilités sont\ndéfinis. ",[235,237,239,241,243],{"id":236,"label":161,"userId":9,"color":49,"description":162,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7f6bd97f-03e3-4e39-88f7-a29ea37880d1",{"id":238,"label":165,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"fd8a7f99-9dc0-42ff-8862-f7b96e06d1f6",{"id":240,"label":168,"userId":9,"color":44,"description":169,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"96620c48-d5f1-447a-bbec-63bacdd567cd",{"id":242,"label":172,"userId":9,"color":35,"description":173,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8e3c25cd-6bd2-41c7-9e9f-291bc982666d",{"id":244,"label":176,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"89477ffe-1501-47e3-9935-eec221f8dc50",{"id":246,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":247,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":248},"afc0930b-64ea-45c0-8a66-49da803a4c9c","Le délégué à la\nprotection des\ndonnées fait un bilan\nannuel de ses actions\naux dirigeants de\nl’organisme\n(notamment le(s)\nresponsable(s) de\ntraitements).",[249,251],{"id":250,"label":161,"userId":9,"color":49,"description":162,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2fa3de00-b5c3-4932-85fe-4c7b837f8096",{"id":252,"label":165,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3361436a-c7fb-4da4-9e58-7f61fc880348",{"id":254,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":255,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":256},"fcbc591e-eda9-4713-9738-e427cba7ef78","Des moyens sont\nrégulièrement alloués\npour mettre en œuvre des\nplans d’action au regard\ndu bilan du délégué à la\nprotection des données et\ns’assurer de leur mise en\nœuvre et de leur\namélioration continue.",[],[],{"id":259,"slug":260,"label":261,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":13,"questions":262,"sections":370},"66567416-76a0-4c3c-9420-054ca2ea4b27","registre-des-traitements","Registre des traitements",[263],{"id":264,"slug":265,"label":266,"tooltipHtml":13,"descriptionHtml":267,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":268,"displayConditions":9,"answers":269,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"4741325a-59ba-4256-9d01-739bbb2c7442","definition-tenue-a-jour-et-communication-des-politiques-et-procedures-generales-relatives-a-la-gestion-des-donnees-personnelles-et-a-la-protection-de-la-vie-privee-charte-dutilisation-du-systeme-dinformation-clauses-contractuelles-types-etc-verification-de-leur-application-et-declenchement-des-eventuelles-mesures-prevues-en-cas-de-manquement_1_1","Quelles mesures sont mises en place pour recenser les traitements et mettre à jour la liste des traitements ?","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués :\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Recenser et tenir à jour la liste des traitements\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Identification et tenue à jour de l'inventaire des traitements de données personnelles, des données et des flux de données qui leurs sont associés.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Délégué à la protection des données (DPO)\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[270,303,327,347,360,366],{"id":271,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":272},"95925b11-2695-4a1f-8e78-4f10daad59bb",[273,276,279,282,285,288,291,294,297,300],{"id":274,"label":275,"userId":9,"color":49,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ffbd7a2b-7d2e-4298-bbdd-a2f0f9483b3d","Utiliser et mettre à jour les registres en continu​",{"id":277,"label":278,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"1e04f252-0941-4bd3-bdca-06d5cbeff4d0","Lister les actifs​",{"id":280,"label":281,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"90ae5889-b7db-4146-9d9f-4ea63fa609a8"," Contrôler les registres​",{"id":283,"label":284,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f9d58704-7a19-42ff-a365-171c4d0ae167","Lister les ​sous-traitants et prestataires",{"id":286,"label":287,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2d518b1f-de11-46b2-9c61-82b31e40f522","Identifier la destination et les destinataires des données​",{"id":289,"label":290,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"40536e10-3a34-488d-988e-ce858857b61c","Lister les clients​",{"id":292,"label":293,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b1717d54-3e88-440c-9465-5d1b732c513b","Recenser les points de collecte et de stockage des données​",{"id":295,"label":296,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ea32ee6a-8cb3-4624-b96b-becd426140fc","Tenir les registres​",{"id":298,"label":299,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"afc731f8-f1bd-4187-80e1-2d0c8bf46d27","Rencontrer les personnes clés​",{"id":301,"label":302,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"a216881e-b44f-4f33-809e-a001d24529be","Lister les activités​",{"id":304,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":306},"114003cd-10e4-429a-b6af-41726c13613a","Les services sont capables d’identifier les traitements de données personnelles qu’ils mettent en œuvre.",[307,309,311,314,317,319,321,323,325],{"id":308,"label":275,"userId":9,"color":49,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"cedb841f-87be-43e6-b14d-eae2c8384a4d",{"id":310,"label":278,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"06886edb-6762-4949-847d-00e76ecf2a35",{"id":312,"label":313,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e6e37c09-09bc-4654-bdf0-3f1f3ec9f77b","Contrôler les registres​",{"id":315,"label":316,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ecfc0ccc-e749-4b90-8152-298184487d2a","Lister les sous-traitants et prestataires",{"id":318,"label":287,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0507201d-def6-4ad9-88cf-b73cccc8c99a",{"id":320,"label":290,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9829e993-76d4-4dbc-9364-df44e7d59f9d",{"id":322,"label":293,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"287c7880-5b2b-457d-ae0d-2770bc7d51d5",{"id":324,"label":296,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6e323aa9-e8f8-4c40-8516-7fd8d0e86ea0",{"id":326,"label":299,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c87d398e-c8f7-4cc7-be06-05565eb7bec8",{"id":328,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":330},"25bae1cd-c8a8-4487-aaf5-b6d3f7271efa","Les traitements de\ndonnées personnelles\nsont identifiés et/ou\nsignalés de manière\ncentralisée.",[331,333,335,337,339,341,343,345],{"id":332,"label":275,"userId":9,"color":49,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"d9390499-18af-48f2-83ca-fa9269ec152c",{"id":334,"label":278,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"39c3e0a4-6343-4114-b732-bafb0ac0128b",{"id":336,"label":313,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"158ab266-8456-4ff2-bb3f-0cc70afcd51f",{"id":338,"label":316,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6834a482-937c-4515-b753-38a4d5ab6d2e",{"id":340,"label":287,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ec6adf75-4a92-4650-b7b6-e88ce19f001c",{"id":342,"label":290,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9e2c15ec-7726-4857-8c06-e3f2494c3620",{"id":344,"label":293,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b03efa7f-bc52-4b86-9c11-c58ea4819924",{"id":346,"label":296,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"16a6ca6b-25a6-4273-b041-b6f899d1fcee",{"id":348,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":350},"bba93e85-c36d-41ba-9a57-5ec6d4d8a9b7","Un registre des activités\nde traitement, conforme\nau RGPD, est tenu.",[351,353,355,357],{"id":352,"label":275,"userId":9,"color":49,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ecc5f5ae-8e73-460d-bee8-248382742aad",{"id":354,"label":278,"userId":9,"color":84,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"bd0d4189-0709-4715-a6ae-36dfa3959004",{"id":356,"label":313,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"1f6a2265-da44-4480-8991-f0737261b81a",{"id":358,"label":359,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"fbbcd634-d168-484a-90bf-e77029f42959","Lister les ​sous-traitants et prestataires​",{"id":361,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":363},"8b2e8626-6278-4ce3-a549-07c48ef9b2c0","La complétude et la\nqualité du registre sont\nrégulièrement\nvérifiées. ",[364],{"id":365,"label":275,"userId":9,"color":49,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"073afb98-f86a-41a1-9a5b-0d7e2dc04e83",{"id":367,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":369},"50038b55-9780-4c33-bf86-253a3e75c50c","Le registre sert\nd'instrument de pilotage\ndes actions relatives aux\ntraitements de données\npersonnelles (ex. : il sert\nde recensement, mais\naussi d’instrument de\ngestion comparative des\nrisques et de suivi des\nplans d’action). ",[],[],{"id":372,"slug":373,"label":374,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":375,"questions":376,"sections":460},"c09dbb4e-583d-4655-b5b6-1e628a53fa9d","conformite-des-traitements","Conformité des traitements","\u003Cp>Évaluation des traitements de données personnelles existants ou en projet au regard des obligations légales et réglementaires en matière de protection des données (proportionnalité et nécessité, ainsi que droits des personnes), détermination de mesures pour améliorer la conformité (y compris des clauses contractuelles types), conseil au responsable de traitement et vérification de la mise en œuvre des mesures prévues.\u003C/p>",[377],{"id":378,"slug":379,"label":380,"tooltipHtml":9,"descriptionHtml":381,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":382,"displayConditions":9,"answers":383,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"d0276121-f9ab-4790-a918-13a497bf7cba","0f841768-f40f-49d4-813b-5b8489ce9344","Comment est assurée la conformité juridique des traitements ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Assurer la conformité juridique des traitements.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Évaluation des traitements de données personnelles existants ou en projet au regard des obligations légales et réglementaires en matière de protection des données (proportionnalité et nécessité, ainsi que droits des personnes), détermination de mesures pour améliorer la conformité (y compris des clauses contractuelles types), conseil au responsable de traitement et vérification de la mise en œuvre des mesures prévues.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Directions métiers concernées, direction juridique, direction des achats, DPO, responsable de la sécurité des systèmes d’information (RSSI), équipes projet.\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[384,410,428,441,450,457],{"id":385,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":386},"f4ac82de-e211-4fab-b54c-a951c00f1329",[387,389,392,395,398,401,404,407],{"id":388,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"158e6710-0caa-44bc-b3db-22471da37d4b",{"id":390,"label":391,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"5e487c00-b25e-405c-9645-9e1b1aae9c97","Réaliser une veille juridique et technique​",{"id":393,"label":394,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2d0446ef-846c-4078-96f3-0d9af3e3bd56","Réaliser des contrôles et des audits réguliers​",{"id":396,"label":397,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"020fc0e9-d3c8-409e-8c5e-889595b34e71","Créer la procédure sur la conformité RGPD des projets​",{"id":399,"label":400,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0e91f167-1b77-4f63-a9ae-cfd0003c64d6","Créer la procédure sur l’information des personnes​",{"id":402,"label":403,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7b4427d5-0f76-49f6-bf8f-85224b6facf4","  Revoir la conformité de chaque traitement​",{"id":405,"label":406,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"98040600-fae5-4875-877e-7d7b75a4bf25","Mettre à jour les contrats en incluant les clauses RGPD(clients, sous-traitants)",{"id":408,"label":409,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"80ffcfcb-7f44-4b9d-8375-b00be219cb29"," Prévoir l’information des personnes lors des principales collectes​",{"id":411,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":412},"0ef1bd19-5537-4f5b-b687-2f3181f4f897",[413,415,417,419,421,423,426],{"id":414,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"53bfd0df-bbe6-41cf-9dbe-eba4d4747826",{"id":416,"label":391,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e9dffbcb-3990-44e5-a953-9735609bbc12",{"id":418,"label":394,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"51a8c0af-86c4-4e13-83c2-b42a612098ef",{"id":420,"label":397,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e6788878-ba6c-4584-bfef-87cc083d55c8",{"id":422,"label":400,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"46088305-7c25-4533-9ed3-6e517a444e8f",{"id":424,"label":425,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"5c1658c8-83fc-4d0e-bbb0-422a6e8a651d","Revoir la conformité de chaque traitement​",{"id":427,"label":406,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0368a75c-9dd0-449d-b52a-fb27b52f023d",{"id":429,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":430},"dcc42f1e-a37f-4d8a-8f9d-c5a66319e5f5",[431,433,435,437,439],{"id":432,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b2b6a549-cc16-4e67-a699-a6177d962f67",{"id":434,"label":391,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"20e432b1-e441-4069-ad5c-70a48c06ce28",{"id":436,"label":394,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"5e7f5895-639f-491f-b9e7-a1bd2ceebf78",{"id":438,"label":397,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"fa442a23-992c-4f3a-bac3-dbf0a54e99aa",{"id":440,"label":400,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"4437e9e0-1396-4869-83cf-fdc685934606",{"id":442,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":443},"36374b4f-1297-4b45-a76b-f8f4139e114d",[444,446,448],{"id":445,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"41a7f356-b04b-47d8-b904-f8d6ad928a3c",{"id":447,"label":391,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"86c1676f-410f-410b-aa16-69d8ca645639",{"id":449,"label":394,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8ed7f59a-be69-45c0-b470-707b21b2fa9e",{"id":451,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":452},"c9b91bfa-371b-475e-b4c0-f69e3d1241f2",[453,455],{"id":454,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"bd6469fa-3c12-430f-bf13-99f96c27e8dd",{"id":456,"label":391,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"af79e966-3817-4880-895a-da06c3cde6c6",{"id":458,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":459},"f532b4a7-b396-4b84-826c-e3c5fc2d55a3",[],[],{"id":462,"slug":463,"label":464,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":465,"questions":466,"sections":553},"1bebf5b1-4eeb-4974-8375-f813ac5f370d","formation-sensibilisation","Formation / Sensibilisation","\u003Cp>Diffusion de la connaissance et création ou renforcement des compétences internes concernant la protection des données. Note : les sessions de formation/sensibilisation doivent permettre de garantir la bonne connaissance de la politique de protection des données de la part du personnel.\u003C/p>",[467],{"id":468,"slug":469,"label":470,"tooltipHtml":9,"descriptionHtml":471,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":472,"displayConditions":9,"answers":473,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"be35ef5e-f8cd-4b7a-a784-456fdc00f305","32c18bfc-3944-4288-8108-5a8179a2ef46","Qui est formé et sensibilisé et comment s'effectue cette formation/sensibilisation ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Former et sensibiliser.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Diffusion de la connaissance et création ou renforcement des compétences internes concernant la protection des données. Note : les sessions de formation/sensibilisation doivent permettre de garantir la bonne connaissance de la politique de protection des données de la part du personnel.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>DPO, direction des ressources humaines, direction de la communication.\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[474,501,520,534,545,550],{"id":475,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":476},"19687ab7-1b83-4b7f-9342-dc463724a342",[477,480,483,486,489,492,495,498],{"id":478,"label":479,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ec4c96d6-1f42-435a-8684-a80b6b50523e","Ajouter des modules complémentaires au e-learning​",{"id":481,"label":482,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ad64b545-3880-453e-9975-d2eb18835e6a","Prévoir un module RGPD dans le parcours de formation des nouveaux arrivants​",{"id":484,"label":485,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"1d3377f1-e78a-4430-848b-ee73e9c9fb76","Créer des indicateurs de compréhension des sujets RGPD​",{"id":487,"label":488,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8d1c9ff2-aa82-4dc6-9e53-cce9eae957d6","Mettre en place un ​e-learning dédié​",{"id":490,"label":491,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c2a34c59-396f-47bc-8fad-bf9c1a796681"," Sensibiliser au RGPD tout le personnel​",{"id":493,"label":494,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b0fb2ade-cf24-460d-8741-5b4b9898cb35","Créer des fiches pratiques et une FAQ​",{"id":496,"label":497,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"d68d7197-56ff-41a6-adcc-e7fe67cf1c24","Mettre en place un intranet RGPD​",{"id":499,"label":500,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2332f301-81b0-4650-9d25-472b0fa37e9a","  Réaliser des sensibilisations ponctuelles​",{"id":502,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":503},"19b58b8d-66dc-4274-8a1b-d45481057ea5",[504,506,508,510,512,515,518],{"id":505,"label":479,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c405cf6d-8974-4315-9d71-35897613e948",{"id":507,"label":482,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7c41b8c9-9972-4875-9cb8-f3239058b41d",{"id":509,"label":485,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c30ac9e2-ad11-46d3-9e80-94c9d36fd274",{"id":511,"label":488,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"4e847a78-820d-44fe-abfe-ff86e34fbd9d",{"id":513,"label":514,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0ed93382-d5bb-4697-b02d-21800d4cfb7b","Sensibiliser au RGPD tout le personnel​",{"id":516,"label":517,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"265c3f11-2aae-452b-88c8-ec990556eb65","    Créer des fiches pratiques et une FAQ​",{"id":519,"label":497,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b1397f08-5f06-492f-bad3-f90235ff2064",{"id":521,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":522},"8f5c7b65-0d49-45c6-9534-85722d369c7e",[523,525,527,529,532],{"id":524,"label":479,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"49971733-a1fd-494d-a9ce-994de5fb75fe",{"id":526,"label":482,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"964c3075-0a5e-404f-bc3b-e8a690447a99",{"id":528,"label":485,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"57aa1032-5366-43b8-891e-6b63061c4793",{"id":530,"label":531,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6f223efd-1521-40aa-9916-e786a4dfa060","Mettre en place un ​e-learning dédié",{"id":533,"label":514,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f843fdff-522b-4114-8e1f-5505ea2bcf98",{"id":535,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":536},"47a036f2-3f1a-455a-aca1-0df2bf2d096e",[537,539,541,543],{"id":538,"label":479,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3256d5ec-9216-4f02-9608-4446fde84d18",{"id":540,"label":482,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"806f2640-7152-41cd-8895-c1acfea0da3a",{"id":542,"label":485,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8567bc33-306d-46c4-ac1b-b8ccfd8eeb78",{"id":544,"label":531,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c04676b5-14d6-48b7-b6a8-d7559b4408c3",{"id":546,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":547},"44cbee99-efd5-4df8-8b5e-6f18d133b88a",[548],{"id":549,"label":479,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"69ea0bce-da38-4d11-bb92-8b9e13cbf45f",{"id":551,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":552},"a8dfd54b-8b88-4421-b7d3-41eac6679d53",[],[],{"id":555,"slug":556,"label":557,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":558,"questions":559,"sections":644},"c1a5ced8-2936-4cad-8039-b68240b16981","exercice-des-droits","Exercice des droits","\u003Cp>Définition, mise en place, mise en œuvre et communication des moyens permettant la gestion des demandes d'exercice des droits des personnes concernées (ex : demandes de droit d’accès), des plaintes et autres réclamations internes et externes concernant la protection des données.\u003C/p>",[560],{"id":561,"slug":562,"label":563,"tooltipHtml":9,"descriptionHtml":564,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":565,"displayConditions":9,"answers":566,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"3708b47a-6e69-450d-b8fb-b81df69d2c73","95e6f164-f0e3-43e4-8e0f-112c91ca96d1","Comment est géré le traitement des demandes des usagers internes et externes ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Traiter les demandes des usagers internes et externes.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Définition, mise en place, mise en œuvre et communication des moyens permettant la gestion des demandes d'exercice des droits des personnes concernées (ex : demandes de droit d’accès), des plaintes et autres réclamations internes et externes concernant la protection des données.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>DPO\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[567,593,610,627,636,641],{"id":568,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":569},"549f50e4-6a9a-49e9-a303-bdc0efb9f98b",[570,572,575,578,581,584,587,590],{"id":571,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"33b7e0fd-da88-4856-b405-f6f930d6130a",{"id":573,"label":574,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"11e7402a-7a08-4a02-bc97-81c3fad7ea96","Mettre en place des processus sur l’outil RGPD​",{"id":576,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f5f676e7-56ad-4001-bb16-799484adb43b","Créer et communiquer des indicateurs de suivi​",{"id":579,"label":580,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"145654db-997f-4ef9-aa40-ca07d97cb35a","Mettre en place un formulaire de contact sur les sites​",{"id":582,"label":583,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"23596f71-f0c6-4e9b-8502-b55bd83e73e6","Centraliser les demandes des personnes dans un registre dédié​",{"id":585,"label":586,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"d88859e1-8532-41e7-9819-cfbb3f572440"," Créer la procédure de gestion des demandes des personnes​",{"id":588,"label":589,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3079e798-a9ec-40aa-9b25-c365fb8ea26f","Utiliser des courriers types​",{"id":591,"label":592,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"92d49e9d-caa3-4d7a-915f-d72f0737e9b7","Gérer les demandes au cas par cas​",{"id":594,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":595},"97eacc44-04df-4eb8-b294-2bbf54ffd960",[596,598,600,602,604,606,608],{"id":597,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9a932bf5-a2ef-41d1-bdbe-03502650d9f4",{"id":599,"label":574,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"d3109f6a-a3ab-44dc-87ac-887cdc3a051b",{"id":601,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2ce5055f-79c9-4409-bd34-838a2fecd574",{"id":603,"label":580,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8739c49e-ae0c-497c-8a41-b80b4edeead9",{"id":605,"label":583,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"17fa0abe-76b5-4361-905c-c50fdc145d47",{"id":607,"label":586,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f7bb6e7a-b087-401e-9b1d-4fa923e38faa",{"id":609,"label":589,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e09bc3d7-b1fc-4fbb-a4f1-ad024302c0b9",{"id":611,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":612},"3b74ffe2-6412-42fb-b673-4cc3c29252d0",[613,615,617,619,622,624],{"id":614,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e14b0480-faec-4834-b98d-e45ea3d9ebe2",{"id":616,"label":574,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"7eece662-6e26-4437-8cb2-a3911f0b23fa",{"id":618,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6f2943e4-6b9a-486b-abe3-0a81542d9d15",{"id":620,"label":621,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e07bae5f-3974-42c1-9d3d-24e3cd05a9dd"," Mettre en place un formulaire de contact sur les sites​",{"id":623,"label":583,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3a8935a9-54f5-4f40-9512-eb9981913475",{"id":625,"label":626,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f165ab2c-22e2-4399-8838-eec677898bfc","Créer la procédure de gestion des demandes des personnes​",{"id":628,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":629},"506ce749-a092-4b87-a72a-d7e27fb76639",[630,632,634],{"id":631,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2331316e-963d-4a5a-b3f0-8b2b5840f24b",{"id":633,"label":574,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0eacaa91-ccf3-48d3-9789-2f8f04072e05",{"id":635,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f4e3be54-cdb1-4cff-93de-16794081f979",{"id":637,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":638},"72303a7b-a7f0-494a-b978-9f91bbbffea6",[639],{"id":640,"label":161,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2e269778-5d6d-4406-9005-c2c3d48dfa27",{"id":642,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":643},"06a01390-1529-4553-b2be-e214734f6080",[],[],{"id":646,"slug":647,"label":648,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":649,"questions":650,"sections":724},"ee9f9fcb-20ef-4e3d-bbfb-83a115a8edb0","risques-de-securite","Risques de sécurité","\u003Cp>Appréciation des risques de sécurité que les traitements de données personnelles sont susceptibles d'engendrer sur les personnes concernées, détermination de mesures contribuant à les traiter (y compris des clauses contractuelles types) et vérification de la mise en œuvre des mesures prévues.\u003C/p>",[651],{"id":652,"slug":653,"label":654,"tooltipHtml":9,"descriptionHtml":655,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":656,"displayConditions":9,"answers":657,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"c45d999b-f012-4a01-a7f0-2814958bb283","7f290be5-e88c-4340-962a-cd649962e518","Comment sont gérés les risques de sécurité ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Gérer les risques de sécurité.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Appréciation des risques de sécurité que les traitements de données personnelles sont susceptibles d'engendrer sur les personnes concernées, détermination de mesures contribuant à les traiter (y compris des clauses contractuelles types) et vérification de la mise en œuvre des mesures prévues.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Directions métiers concernées, direction juridique, direction des achats, DPO, responsable de la sécurité des systèmes d’information (RSSI), équipes projet.\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[658,682,697,709,716,721],{"id":659,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":660},"584753e2-5c36-435b-aab8-8f6d6ee9d5d0",[661,664,667,670,673,676,679],{"id":662,"label":663,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"abcbee18-18c0-4108-8a4c-ae8430537455","Réaliser une veille active sur les vulnérabilités​",{"id":665,"label":666,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"94d4123f-249c-4f11-8a08-0f7b005f6b9b","Vérifier les études de risques et les plans d’action​",{"id":668,"label":669,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"88deba1e-91f4-4151-880f-fbc71f6af476","Mettre en œuvre des plans d’actions suite aux études de risques (dont AIPD)​",{"id":671,"label":672,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"457cbd85-6bca-4cd8-b863-4f87e00f81b8","  Créer une procédure pour évaluer les risques et couvrant les Analyses d’Impact",{"id":674,"label":675,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"65c7c240-107d-4256-91a4-307c4985b19b"," Prévoir des clauses de confidentialité​",{"id":677,"label":678,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"5efcce86-0fbd-4b61-8393-dd9aa926fafa","Créer et utiliser des référentiels de mesures de sécurité​",{"id":680,"label":681,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"22675a2e-8929-45db-a492-c4cacae14212","Mettre en place des mesures de sécurité élémentaires​",{"id":683,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":684},"8c87690a-2eaf-4851-a4d7-94f645df46a1",[685,687,689,691,693,695],{"id":686,"label":663,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e7c8a8c0-778c-405d-910f-4c4decdb50d0",{"id":688,"label":666,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"4e40542e-ba73-4b1e-a9bc-43b38b1c6ec0",{"id":690,"label":669,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"3fba563a-e11f-438f-8e1a-ee84cb6573f8",{"id":692,"label":672,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"24735346-f6b7-428e-8fd9-8293e9d69ab9",{"id":694,"label":675,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"8e3aa523-723d-41d5-92f5-70d97225defb",{"id":696,"label":678,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"b6d8608b-25c1-47db-91a9-83e0f2a45e41",{"id":698,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":699},"f9576f57-f264-40c5-b353-47745c9d0bd0",[700,702,704,706],{"id":701,"label":663,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"96c57fa1-f91e-470e-ae2b-a29cea38b9be",{"id":703,"label":666,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"87c590e8-77f3-4a3d-a541-a9a2aea0092f",{"id":705,"label":669,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"da6e34d6-a5cc-40bd-b722-338464626fda",{"id":707,"label":708,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9f067b46-078e-401a-a4ac-d01bde58fc90","Créer une procédure pour évaluer les risques et couvrant les Analyses d’Impact",{"id":710,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":711},"0d11ca46-36a3-4b62-af95-72c8b68dcd0f",[712,714],{"id":713,"label":663,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"f436d472-cd97-461c-84bf-7a700da82dd1",{"id":715,"label":666,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6b8493f0-4dd2-4059-b794-18405f0e2caf",{"id":717,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":718},"56b89b6a-8255-41c0-881f-32b8b21389f5",[719],{"id":720,"label":663,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"33f13788-76f4-40a2-8610-902b24ff4276",{"id":722,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":723},"4d30f34a-708f-454c-80d1-b0eb29d1d64c",[],[],{"id":726,"slug":727,"label":728,"emoji":9,"type":10,"typeIndex":11,"typeColor":9,"typeIcon":9,"typeText":12,"descriptionHtml":729,"questions":730,"sections":813},"6a38533e-2c4d-438a-917c-e8cb60759c7e","violations-de-donnees","Violations de données","\u003Cp>Identification, qualification, résolution des violations de données personnelles, notifications aux autorités de protection de données et communication aux personnes concernées, tenue d'un registre des violations.\u003C/p>",[731],{"id":732,"slug":733,"label":734,"tooltipHtml":9,"descriptionHtml":735,"badResponseCommentHtml":9,"goodResponseCommentHtml":9,"placeholder":9,"min":9,"max":9,"regex":9,"unit":9,"type":20,"typeIndex":21,"typeColor":9,"typeIcon":9,"typeText":22,"dynamicSelectType":9,"editableOptions":23,"complianceRules":736,"displayConditions":9,"answers":737,"listQuestions":9,"required":142,"requiredJustification":23,"suggestTask":23,"riskEnabled":142,"native":23},"31903e7e-4562-45c4-9ed5-d3a4efd9fb8c","8f9b35b4-dc86-4069-ae8f-715c5a8ba4ad","Comment sont gérées les violations de données ? ","\u003Ctable>\u003Ctbody>\u003Ctr>\u003Ctd>\u003Cp>\u003Cstrong>Actions\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Caractéristiques\u003C/strong>\u003C/p>\u003C/td>\u003Ctd>\u003Cp>\u003Cstrong>Responsables généralement impliqués\u003C/strong>\u003C/p>\u003C/td>\u003C/tr>\u003Ctr>\u003Ctd>\u003Cp>Gérer les violations de données.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>Identification, qualification, résolution des violations de données personnelles, notifications aux autorités de protection de données et communication aux personnes concernées, tenue d'un registre des violations.\u003C/p>\u003C/td>\u003Ctd>\u003Cp>DPO, directions métiers concernées, direction des risques, direction des systèmes d’information, direction de la communication, entités chargées de la gestion des incidents et de la gestion de crise.\u003C/p>\u003C/td>\u003C/tr>\u003C/tbody>\u003C/table>\u003Cp>\u003C/p>\u003Cp>-----------------------------------------\u003C/p>\u003Cp>Les réponses suivantes décrivent les cinq niveaux de maturité de manière générique. Chaque niveau représente la manière dont un organisme conçoit, met en œuvre, contrôle, maintient et assure le suivi d’une activité, quel que soit cette activité. L’atteinte d’un niveau suppose d’avoir déjà atteint le niveau précédent.\u003C/p>",[],[738,764,781,796,805,810],{"id":739,"color":28,"rangeValue":9,"label":29,"slug":9,"description":9,"score":11,"nonApplicable":23,"tooltip":30,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":740},"d326d4f5-da01-4ae3-98e5-5c3c88a4edb9",[741,744,747,749,752,755,758,761],{"id":742,"label":743,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"bd818a02-ecb4-4ad7-ac83-390da5b76877","Réaliser un bilan et alimenter les études de risques​",{"id":745,"label":746,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0629fde3-dd51-4388-b001-632f0df95ff3","Vérifier l’application des mesures correctives​",{"id":748,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"2e4c01ed-9393-412d-a024-dfa3aba32f15",{"id":750,"label":751,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e9f8ccee-03cb-4b68-a8ad-057130ebf25c","Prévoir un plan d’action suite à une violation​",{"id":753,"label":754,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"497b7824-3c77-4a3a-b92a-b6836aeb023f","Suivre et analyser les notifications dans un registre dédié​",{"id":756,"label":757,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"14b31373-89ca-4612-bf7d-3acc78f84628","Créer la procédure de gestion des violations de données​",{"id":759,"label":760,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"0622b0ec-1277-4cfe-8b88-d93422d01efa","Centraliser les alertes (boite mail dédiée et affichette)​",{"id":762,"label":763,"userId":9,"color":74,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"4b0de49b-3b9f-4455-a856-188004fb1637","Gérer ponctuellement des incidents de sécurité​",{"id":765,"color":39,"rangeValue":9,"label":78,"slug":9,"description":9,"score":79,"nonApplicable":23,"tooltip":305,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":766},"0c18c761-c305-4625-93b9-bfd665a05023",[767,769,771,773,775,777,779],{"id":768,"label":743,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"dcfdab5e-8720-4ea0-9437-0888f7b39561",{"id":770,"label":746,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"d120bd8d-7cd5-47d9-a0eb-30c5d1dc43a8",{"id":772,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"ba6f2d47-4da2-427a-a3c6-8e360d74e5f5",{"id":774,"label":751,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e5e3dd28-b334-47fc-addf-fc7ef2e4634f",{"id":776,"label":754,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"5a2736be-a228-43d6-a732-16b7434aeab9",{"id":778,"label":757,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"40db22ac-0cab-4c5b-aede-b7d0d4e75777",{"id":780,"label":760,"userId":9,"color":69,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"76687000-801d-449e-93a9-688825e69bd7",{"id":782,"color":74,"rangeValue":9,"label":102,"slug":9,"description":9,"score":38,"nonApplicable":23,"tooltip":329,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":783},"1d5280d2-f27b-4391-af18-5bb044eddaf9",[784,786,788,790,792,794],{"id":785,"label":743,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9ec190c5-bf55-4d93-8e9b-9353c61a6bd1",{"id":787,"label":746,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"37567218-52bf-4eb2-89fb-45388bfbee24",{"id":789,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"c11b3b50-2c45-4966-9c83-c173a2e809c7",{"id":791,"label":751,"userId":9,"color":54,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"9bf5fb28-2e44-4aff-9023-0032a1e0a1ef",{"id":793,"label":754,"userId":9,"color":59,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6b93fd43-4e24-4ad1-a863-2960bded8288",{"id":795,"label":757,"userId":9,"color":64,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"6702db90-cda7-433b-ac17-3bbe8afe8446",{"id":797,"color":35,"rangeValue":9,"label":117,"slug":9,"description":9,"score":118,"nonApplicable":23,"tooltip":349,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":798},"fd7d0143-31ee-400f-a798-787ad0e45367",[799,801,803],{"id":800,"label":743,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"06fe75f4-f3f9-4d37-acb5-7649f186cf5b",{"id":802,"label":746,"userId":9,"color":44,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"baa5603b-12be-4721-890b-ba10e0923853",{"id":804,"label":577,"userId":9,"color":35,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"362d20b4-1c9f-487f-af89-039bb6a48eb7",{"id":806,"color":44,"rangeValue":9,"label":129,"slug":9,"description":9,"score":130,"nonApplicable":23,"tooltip":362,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":807},"391b63ab-e768-4957-b1f9-ab662ad5c705",[808],{"id":809,"label":743,"userId":9,"color":39,"description":13,"priority":37,"priorityIndex":38,"priorityColor":39,"priorityIcon":9,"priorityText":40},"e2a80d0d-ee76-4922-9a21-fec9b920e8fa",{"id":811,"color":137,"rangeValue":9,"label":138,"slug":9,"description":9,"score":139,"nonApplicable":23,"tooltip":368,"goodAnswer":23,"redFlag":23,"impact":9,"probability":9,"taskSuggestions":812},"9302e3d7-87c4-49ed-8147-7f5e1e59aa43",[],[],[815,833,848,862,879,894,907],{"id":816,"label":817,"variant":818,"variantIndex":79,"variantColor":44,"variantIcon":819,"variantText":820,"contentHtml":821,"displayConditions":822},"2055882c-ac96-4297-8116-c5ee7ea43216","Votre maturité globale est très bonne","Success","icon-checkmark","Succès","\u003Cp>Votre processus est dynamique et adapté à toutes situations, l'analyse des mesures effectuées est définie, standardisée et formalisée. Les évolutions du processus sont tracées.\u003C/p>",{"id":823,"separator":824,"field":9,"operator":825,"value":9,"rules":826},"68216048-1fec-4cc0-b6ea-7a8dc6a7b64f","And","equal",[827],{"id":828,"separator":9,"field":829,"operator":830,"value":831,"rules":832},"e6559233-f749-43fd-a96d-530e892caccc","readiness","greaterThanInclusive","80",[],{"id":834,"label":835,"variant":818,"variantIndex":79,"variantColor":44,"variantIcon":819,"variantText":820,"contentHtml":836,"displayConditions":837},"e4ba94ed-d52c-4d07-9fea-0275064fbab4","Processus contrôlé","\u003Cp>Votre processus est coordonné dans tout le périmètre choisi et pour chaque exécution. Des mesures quantitatives sont régulièrement effectuées (en termes de performances, exemple : proportion des projets considérant la protection des données). Les mesures effectuées (indicateurs quantitatifs et qualitatifs) sont analysées (exemple : quelqu'un est chargé d'étudier les indicateurs et de proposer une analyse et un plan d'action). Des améliorations sont apportées au processus à partir de l'analyse des mesures effectuées.\u003C/p>\u003Cp>Cependant des améliorations peuvent être effectuées.\u003C/p>",{"id":838,"separator":824,"field":9,"operator":825,"value":9,"rules":839},"79797d29-4fd4-45fc-812d-c5057e053431",[840,844],{"id":841,"separator":9,"field":829,"operator":842,"value":831,"rules":843},"6eb9bf27-603c-4959-9624-a02320bef978","lessThan",[],{"id":845,"separator":9,"field":829,"operator":830,"value":846,"rules":847},"0c990215-6cbd-43ef-9ee2-7d8a1a4e2046","60",[],{"id":849,"label":850,"variant":818,"variantIndex":79,"variantColor":44,"variantIcon":819,"variantText":820,"contentHtml":851,"displayConditions":852},"0bf860ab-4f67-4e36-aef5-a93b29fd144d","Processus défini","\u003Cp>Les actions réalisées conformément à un processus défini (exemple : emploi de méthodes), standardisé (commun à tout l'organisme) et formalisé (existence d'une documentation). L'organisme soutient le processus (il accorde les ressources, les moyens et la formation nécessaire à son fonctionnement). Le processus est bien compris autant par le management que par les exécutants). Les personnes réalisant les actions possèdent les compétences appropriées au processus. \u003C/p>\u003Cp>Cependant, les processus manquent encore de maturité.\u003C/p>",{"id":853,"separator":824,"field":9,"operator":825,"value":9,"rules":854},"7ec17ff4-43a2-4be3-8295-ce20dcb37b7c",[855,858],{"id":856,"separator":9,"field":829,"operator":842,"value":846,"rules":857},"3ff20420-7723-4d48-9e27-e24e4537e9da",[],{"id":859,"separator":9,"field":829,"operator":830,"value":860,"rules":861},"b217fb9e-195a-4382-bad4-d08a0d79d7b9","40",[],{"id":863,"label":864,"variant":865,"variantIndex":38,"variantColor":39,"variantIcon":866,"variantText":867,"contentHtml":868,"displayConditions":869},"714e5546-e59c-47f7-83de-c9f3ebe8121b","Pratique répétable et suivie","Warning","icon-alert-circle","Point d'attention","\u003Cp>\u003Cstrong>Votre processus n'est pas encore mature.\u003C/strong>\u003C/p>\u003Cp>Les actions sont réalisées par une personne qui possède des compétences en protection des données. Les actions sont planifiées. Quelques pratiques sont formalisées, ce qui permet la duplication et la réutilisation (éventuellement par une autre personne). La protection des données est suivie par les dirigeants de l’organisme, mais tout le métier est loin de s’être impliqué. Des mesures qualitatives sont réalisées (indicateurs simples sur les résultats, par exemple : considération de la protection des données dans tel ou tel projet).\u003C/p>",{"id":870,"separator":824,"field":9,"operator":825,"value":9,"rules":871},"0f0a6353-6918-47a3-98ca-d4e13962f889",[872,876],{"id":873,"separator":9,"field":829,"operator":830,"value":874,"rules":875},"97ba6e9e-3801-4226-8223-af6fc04f5978","20",[],{"id":877,"separator":9,"field":829,"operator":842,"value":860,"rules":878},"2a4a3f83-a5b2-45cf-a3c2-5728d0d400d1",[],{"id":880,"label":881,"variant":865,"variantIndex":38,"variantColor":39,"variantIcon":866,"variantText":867,"contentHtml":882,"displayConditions":883},"6bd545a6-772d-45fa-8eef-5bc2d10bc424","Pratique informelle ","\u003Cp>\u003Cstrong>Votre processus n'est pas encore mature.\u003C/strong>\u003C/p>\u003Cp>Des actions sont réalisées en employant des pratiques de base. Elles sont mise en œuvre de manière informelle et en réaction à des demandes isolées, sans réel engagement des dirigeants de l'organisme ni réelle coordination entre eux qui mettent en œuvre des actions.\u003C/p>\u003Cp>Il convient de mettre en œuvre des mesures pour rendre ses processus plus matures.\u003C/p>",{"id":884,"separator":824,"field":9,"operator":825,"value":9,"rules":885},"2e1fd720-9701-4280-89f6-e72b0c6b1bb4",[886,889],{"id":887,"separator":9,"field":829,"operator":842,"value":874,"rules":888},"e3805977-0350-4a1a-b023-617fbb750ec7",[],{"id":890,"separator":9,"field":829,"operator":891,"value":892,"rules":893},"b1dcbbb3-aadf-4af3-beb6-40bce045c015","greaterThan","0",[],{"id":895,"label":896,"variant":897,"variantIndex":118,"variantColor":86,"variantIcon":898,"variantText":899,"contentHtml":900,"displayConditions":901},"01815fdc-e5e9-4104-ae85-ed62c9901dbf","Pratique inexistante ou incomplète","Danger","icon-alert-triangle","Problème/danger","\u003Cp>Votre processus n'est pas mature, il convient de prendre des mesures afin d'augmenter cette dernière.\u003C/p>\u003Cp>Rien n'est fait en matière de protection des données. Celle-ci n'est pas connue ou prise en charge au sein de l'organisme et le besoin n'est pas reconnu.\u003C/p>",{"id":902,"separator":824,"field":9,"operator":825,"value":9,"rules":903},"27bc3898-ebc2-49fc-9c7f-3c4e812239c7",[904],{"id":905,"separator":9,"field":829,"operator":825,"value":892,"rules":906},"f2134117-f4d4-4298-a72f-9754b2d57bb9",[],{"id":908,"label":909,"variant":818,"variantIndex":79,"variantColor":44,"variantIcon":819,"variantText":820,"contentHtml":910,"displayConditions":911},"cd765698-6403-49a0-bcb1-f0fb7b16a511","Les procédures de protection des données sont continuellement optimisées (amélioration continue)","\u003Cul>\u003Cli>\u003Cp>Le processus est adapté de façon dynamique à la situation (améliorations et changements directement intégrés). \u003C/p>\u003C/li>\u003Cli>\u003Cp>L’analyse des mesures effectuées est définie, standardisée et formalisée. \u003C/p>\u003C/li>\u003Cli>\u003Cp>L’amélioration du processus est définie, standardisée et formalisée. \u003C/p>\u003C/li>\u003Cli>\u003Cp>Les évolutions du processus sont tracées.\u003C/p>\u003C/li>\u003C/ul>",{"id":912,"separator":824,"field":9,"operator":825,"value":9,"rules":913},"4c129512-30da-4b70-9f5d-0cc320b770f0",[914],{"id":915,"separator":9,"field":16,"operator":825,"value":136,"rules":916},"a17848b7-89d0-465e-9074-966143a68078",[],"45ff12f6-1470-4299-09ab-08dc8ec3b89d","1.0","Questionnaire de maturité CNIL","bYkPoQuqgqN9QeYnSyAQ3UQdeLOddwtjaOLsPSmCPUPMihYr5RZzgTPZ8mrC",6,"2.0","https://static.dastra.eu/tenant-3/audit/xecZ6HX5TXvx4M/auto-evaluation-de-la-cnil-150.png","Autoévaluation de maturité en gestion de la protection des données par la CNIL","2024-06-17T11:50:44.6828291","2026-02-27T17:59:53.6776626","Compliance","Conformité cyber",{"id":930,"displayName":931,"familyName":932,"givenName":933,"email":934,"active":142,"color":935,"avatarUrl":936,"tenantId":11},31,"Jérôme de Mercey","de Mercey","Jérôme","jerome.demercey@dastra.eu","#99C691","https://static.dastra.eu/tenant-10/avatar/31/Zuh7XFZe5EnnTo/design-sans-titre-2-150.png",[],[939,947],{"id":940,"label":941,"type":942,"typeIndex":943,"typeColor":944,"typeIcon":945,"typeText":946,"color":28},"48db524d-e5d9-4140-b1f2-60a20ca38936","CNIL","AuditTemplate",9,"#83d162","ds-icon-audit","Modèle de questionnaire",{"id":948,"label":949,"type":942,"typeIndex":943,"typeColor":944,"typeIcon":945,"typeText":946,"color":64},"87b8e0f8-3e5f-435a-806f-f6011b1fa576","RGPD",8]