Controller Validation
Section 3 CDPA — Weighted Average Model (Threshold: 60%)
Organisation Details
13 Qualification Questions — Section 3 CDPA
Validation Successful
Your organisation qualifies as a Data Controller under Section 3 of the Cyber and Data Protection Act [Chapter 12:07] of Zimbabwe.
Validation Unsuccessful
Your organisation does not meet the minimum 60% weighted threshold. Please review your answers.
Compliance Assessment
Cyber & Data Protection Act [Chapter 12:07] — Section-by-Section
Organisation & Assessment Details
Compliance Results
Business Unit (Departmental) Maturity
Section 9: Overall Compliance Level Interpretation
| Compliance Level | Interpretation |
|---|---|
| 90-100% | Fully Compliant |
| 70-89% | Substantially Compliant – Some improvements needed |
| 50-69% | Partially Compliant – High-risk gaps |
| Below 50% | Non-Compliant – Immediate action required |
Gap Analysis
Auto-populated from assessment. Edit as needed.
| # | Gap Area | Current State | Required State | Description | Priority | Action | Responsible | Target Date | Evidence | Score |
|---|
Technical Recommendations
CDPA [Chapter 12:07] — Sections 11, 12, 16, 19 & 23
ROPA
CDPA [Chapter 12:07] — Mandatory Controller Record
Controller Details
Processing Activities
Data Protection Impact Assessment (DPIA)
CDPA [Chapter 12:07] — High-Risk Processing Assessment
Controller & DPO Details
Project / Processing Overview
Risk Analysis Catalogue
Measure & Protection Catalogue
RACI Matrix
Responsibility Assignment Matrix for Compliance Activities
Controller & DPO Details
| # | Activities | CEO | DPO | Project Owners | CISO | Legal |
|---|
DPO Dashboard
Organisation-wide compliance overview
All Assessments
All Controller Validations
All Gap Analyses
All ROPA Records
All DPIAs
All Security Gap Analyses
👥 Administration Dashboard
Manage users and view system audit logs
Departmental Assessment
Borrowing framework from core compliance to assess specific units
Departmental Remediation Plan
Actionable measures generated from identified gaps
Executive Conclusion & Recommendations
Security Gap Analysis
ISO/IEC 27001-aligned — 9 domains, 122 control items — CDPA [Chapter 12:07] integrated
CIA Assessment
Data Asset Confidentiality, Integrity & Availability Rating
Controller & DPO Details
| # | Data Asset / System | Confidentiality | Integrity | Availability | Rating |
|---|
Key Performance Indicators (KPIs)
Monitoring & Measuring Compliance Effectiveness
Controller & DPO Details
Assets Management
Register and maintain data processing assets
Organisation & Filter
| Asset Name | Type | Location | Owner | Classification | Status | Action |
|---|
Departmental Compliance Questions
Define department-specific compliance assessment questions
Department Selection
| # | Question | Category | Response | Evidence | Action |
|---|
Audit Log
System-wide record of all user actions and events
📜 Event Records
| # | Timestamp | User | Role | Action | Module |
|---|
📊 Customised Reports
Select modules and generate a tailored compliance report for any organisation
⚙️ Report Configuration
Select organisation & modules to includeSelect an organisation, choose the modules you want to include, then click “Generate Custom Report” to build a comprehensive compliance report.