ISO 27001 and GDPR

Personal Data Protection Policy, Website Privacy Policy, Data Retention Policy, Data Retention Schedule, Data, Protection Officer Job Description, Cookie Policy, Inventory of Processing Activities, Data Subject Consent Form, Data Subject Consent Withdrawal Form, Parental Consent Form, Parental Consent Withdrawal Form, DPIA Register, Standard Contractual Clauses for the Transfer of Personal Data to Controllers, Standard Contractual Clauses for the, Transfer of Personal Data to Processors, Supplier Data Processing Agreement, Data Breach Response and, Notification Procedure, Data Breach Register, Data Breach Notification Form to the Supervisory Authority, Data, Breach Notification Form to Data Subjects, Data Subject Access Request Procedure, Data Subject Access Request Form, Data Subject Disclosure Form, Data Protection Impact Assessment Methodology, Cross Border Personal Data, Transfer Procedure, IT Security Policy, Access Control Policy, Security Procedures for IT Department, Bring Your Own, Device (BYOD) Policy, Mobile Device and Teleworking Policy, Clear Desk and Clear Screen Policy, Anonymization and Pseudonymization Policy, Policy on the Use of Encryption, Disaster Recovery Plan.

Answer:

Here you can find a list that specifies which documents cover the requirements of ISO 27001, and which are focused on GDPR: https://advisera.com/wp-content/uploads//sites/15/2019/04/List_of_documents_EU_GDPR_ISO_27001_Integrated_Documentation_Toolkit_EN.pdf

For example IT security policy complies with clauses ISO/IEC 27001 A.6.2.1, A.6.2.2, A.8.1.2, A.8.1.3, A.8.1.4, A.9.3.1, A.11.2.5, A.11.2.6, A.11.2.8, A.11.2.9, A.12.2.1, A.12.3.1, A.12.5.1, A.12.6.2, A.13.2.3, A.18.1.2 if they are marked as applicable on the ISO 27001 Statement of Applicability.

This article will provide you further explanation about ISO 27001 and GDPR:
- Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/