Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
SPANISH SUPERVISORY AUTHORITY: Evaluates-Risk GDPR

SPANISH SUPERVISORY AUTHORITY: Evaluates-Risk GDPR

The RISK ASSESSMENT GDPR tool aims to help data processors and controllers in identify risk factors for the rights and freedoms of data subjects whose data are present in the processing, to make a first assessment of the intrinsic risk, including the need to perform a DPIA, and to estimate residual risk if measures and guarantees are used to mitigate specific risk factors.

The purpose of this tool is to support managers and managers in their risk management process for rights and freedoms and, where appropriate, the implementation of the DPIA, in line with the “Risk management and impact assessment in personal data processing” published by the AEPD.

The risk factors deployed in this tool are not exhaustive, but minimal, and the responsible party must identify those that are specific to the treatment and include it in its evaluation.

The assessment of the level of risk for each factor carried out by the tool, as well as the final calculation of the level of risk, is of a general nature and involves a minimum assessment that: where appropriate, it shall be adjusted by the controller to determine the level of risk of the treatment accurately.

gestion-riesgo-y-evaluacion-impacto-en-tratamientos-datos-personales (1)

FONTE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA SPAGNA – AEPD

Recommended to you

Advanced Research