The core model is a model definition for capturing the state of a business is relation to GDPR compliance.
The model definition consists of defining types and property types that can be used to describe a business, its systems, the data being processed and rights and articles being addressed.
The model is defined logically and then encoded using RDF.
The intention is that this core model captures the most critical aspects of managing compliance with GDPR. It is expected that many processes will capture more detail than this model provides for and in those cases the model should be expanded. The choice of RDF allows for these customisations and extensions.
The expectation is that this model provides not only a logical basis for analysis of a business but that the choice of a standard for encoding that analysis can be used and reused in a variety of different tools and processes such as visualisation, gap analysis, threat analysis, data auditing, and GDPR portal implementation.
This is a collaborative community activity to promote reuse and knowledge sharing in the space of GDPR. If you would like to contribute please create issues, or make pull requests. We are in the early stages of organising the process around the model development but hope to have some face to face meetings.
Larger proposals can be uploaded to strawman folder, and meeting notes will appear in the meetings folder.
Graham Moore (gra_moore), Simen Simen Sommerfeldt (sisomm)
... coming soon.