Hi Michael
I'm stumpling about the description of DPO as the user who handles this. From my understanding the controller or a named processor has to handle this processes. The DPO controlls that the controler has organized all well and the practice is good. If the DPO himself organises the processes he can't control himself effectively. In consequence the wording should be changed.
Ralf