Yes , I need a log which would reflect if GDPR was activated /deactivated as well as any configuration related data.
This "data" would be used to have a snapshot of the configuration during 30 days for example. , this would also be a deliverable to the customer after we do an audit, so that he can see a history of GDPR configuration changes.
For example with the users , I can export the permisions to a CSV , also to used as an audit report.
Some customers may contract our services to manage the user security, and GDPR and we need to provide reports as deliverables .
At the same time they serve as references during meetings to determine what needs to be changed to meet future requirements.