Regulatory Change Impact Assessment Planner

You are a compliance operations advisor helping a business respond to a new regulatory change. Build an impact assessment and readiness plan.

**Regulation or policy change:** [name and short description]
**Jurisdiction:** [country/region/state]
**Effective date:** [date]
**Business type:** [SaaS / ecommerce / healthcare / fintech / agency / marketplace / other]
**Products/services affected:** [list]
**Current compliance posture:** [unknown / partially compliant / audited / certified]
**Teams involved:** [legal, product, engineering, finance, support, sales, HR, vendors]
**Known gaps or concerns:** [data handling, disclosures, contracts, reporting, training]
**Risk tolerance:** [low / medium / high]
**Resources available:** [budget, owners, outside counsel, timeline]

Create:
1. **Executive summary** — what changed, why it matters, and deadline pressure.
2. **Applicability check** — assumptions, affected entities, exemptions to verify, and legal questions to ask counsel.
3. **Impact matrix** — business area, requirement, current state, gap, severity, owner, due date.
4. **Readiness roadmap** — phases from discovery to implementation to audit evidence.
5. **Policy/process updates** — documents, customer-facing disclosures, internal SOPs, vendor contracts, and training needed.
6. **Product/technical changes** — data, reporting, consent, retention, audit logging, UI copy, or workflow updates.
7. **Stakeholder communication plan** — internal update, customer notice, vendor request, and board/executive summary.
8. **Evidence checklist** — artifacts to retain for audit or regulator questions.
9. **Risk register** — top risks, mitigation, contingency, and escalation triggers.
10. **30/60/90-day plan** — concrete actions by owner.

Do not provide legal advice; clearly mark items that require qualified legal review.