1. Gozman, D., Currie, W.: Managing governance, risk, and compliance for post-crisis regulatory change: a model of is capabilities for financial organizations. In: 2015 48th Hawaii International Conference on System Sciences, pp. 4661–4670. IEEE (2015)

2. European Commission: General Data Protection Regulation (2018). https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules

3. Ayala-Rivera, V., Pasquale, L.: The grace period has ended: an approach to operationalize GDPR requirements. In: 2018 IEEE 26th International Requirements Engineering Conference (RE), pp. 136–146. IEEE (2018)

4. Data Protection Commission - Ireland: Self-assessment checklist (2019). https://www.dataprotection.ie/en/organisations/self-assessment-checklist

5. Microsoft: GDPR assessment (2017). https://assessment.microsoft.com/gdpr-compliance/compliance-risk-results-133MC-2218RO.html