The documentation of processing activities is a new requirement for organisations under the GDPR. Documentation refers to keeping a record of processing activities such as:
- Processing purposes
- Data sharing
- Retention
Controllers and processors have their own documentation responsibilities. The ICO has produced a very handy checklists which explain the requirements under the GDPR and best practice recommendations. Take a look at it here.
Good luck all.