Skip to Content
TS-RDC-06 Trust & Stewardship Risk, Data & Compliance CORE Compliance v2.9.7

GDPR accountability & DPIA log

Assesses a systematic approach to GDPR compliance, ensuring all new or changed data processing activities are screened for risk, full Data Protection Impact Assessments (DPIAs) are conducted where required, and a formal log is maintained to demonstrate accountability. This rigorous oversight embodies the Islamic principle of muhasabah (accountability) and the imperative of sadd al-dhara'i (blocking the means to harm) by proactively identifying and mitigating risks to safeguard privacy.

Quranic Verses
Surah 59:18
Surah 36:12
Surah 49:12
Surah 24:27
Hadith
Sahih Bukhari #6902
Sahih Muslim #2158
Sahih Muslim #2699
Fiqh Principles

Amānah

The principle of trust, safeguarding rights over personal information.

Lā ḍarar wa-lā ḍirār

No harm and no reciprocating harm; basis for risk assessment.

Sadd al-dharā’iʿ

Blocking the means to harm; proactive prevention of privacy risks.

Tajassus

Prohibition of spying/unnecessary intrusion (privacy by design).

Ḥifẓ al-ʿirḍ

Preservation of honor/dignity through data protection.

Islamic Concepts

Muḥāsabah

Accountability and oversight.

Adab

Etiquette of seeking permission (consent/transparency).

Iḥsān

Excellence; continuous improvement of privacy controls.

Related Criteria

TS-RDC-01 Multi‑scenario financial stress‑testing documented TS-RDC-02 Complaints & whistle-blowing mechanism TS-RDC-03 Due-diligence on delivery partners TS-RDC-04 Serious-incident reporting & escalation TS-RDC-05 Cyber-security baseline (NCSC Cyber Essentials – UK)
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 11:07:51.693135

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Updated islamic_references from mizan-297.json

Sign in to post a comment.

Back to Criteria