Microsoft has recently launched the Compliance Manager Preview, which can help you assess how well your implementation of Office 365 is meeting various standards and regulations, such as the General Data Protection Regulation (GDPR), ISO 27001, and ISO 27018.
Once signed in to the preview, you just need to click Add Assessment.
Select Office 365 under the Select Product dropdown and click Next.
Select the Assessment, give it a name, and click Add to Dashboard.
Click the Assessment name to review the details of the assessment.
Under Customer Managed Controls, you can click on each item that needs to be assessed for more details.