Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of GDPR

Section 7.12  Records

The certification body should be required to keep all documentation complete, comprehensible, up-to-date and fit to audit.