A high-level Checklist outlining key steps to take when seeking to implement and maintain appropriate data security measures under the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR). It highlights European Data Protection Board (EDPB) and EU Agency for Cybersecurity (ENISA) guidance resources, technical and organizational measures, and various compliance mechanisms. This Checklist is designed to be used with Practice Note, Data Security Under the GDPR.