There is just less than one year left before the EU General Data Protection Regulation ("GDPR") will apply. Against this background, on 24 May 2017 one of the German data protection authorities – the Bavarian Data Protection Authority – published a questionnaire to help companies assess their readiness for, and level of compliance with, GDPR. The questionnaire also provides a first glimpse into how audits of data protection authorities might look like in future. It contains questions on the following topics: (1) structure of the company, including data protection officers, (2) records of processing activities, (3) involvement of external parties and data processing agreements, (4) information obligations and data subject rights, (5) accountability and handling of risks, and (6) personal data breaches. We have produced an unofficial English language translation of the survey for our clients which is available to our readers to download. Please click the download button below for your copy.