Part 1: Description of the processing operations
Part 2: An assessment of the necessity and proportionality of the processing operations in relation to the purpose.
Part 3: The measures envisaged for addressing the risks and the safeguards, security measures and mechanisms to ensure the protection of personal data and to demonstrate compliance with the Data Protection Act.
Part 4:
Part 5: Sign-Off and Record Outcomes.