Chartered Institute of Procurement and Supply (CIPS) is the premier global organisation serving the procurement and supply profession https://www.cips.org/.  Consultants from Naomi Korn Associates have carried out an extensive review of their data protection documentation and interviewed key staff. Apart from drafting new contracts and contractual clauses, GDPR-ready deliverables drafted by Naomi Korn Associates, have included:

Privacy statement (including notices for links with external supplier/partner websites); Data Breach Policy; Data Breach Template; Data Handling Policy; Data Protection Impact Assessment ( DPIA) policy; Subject Access Request Policy and Procedure; Information Security Policy; Social Media policies; Third Party/Data Processor Policy (for examples for use by Suppliers); Risk Management Policies and review of Risk Registers.