Risk assessment & mitigation
Under data protection, there are several types of risks to consider:
- technical risks
- organisational risks
- privacy-related risks
Risk assessment is a continuous improvement process. It requires several iterations to achieve an acceptable protection system.
Key Features
Risk assessment of digital assets
- Each asset from the built-in asset register can be assessed against risks and vulnerabilities;
- Ability to document the consequences on a per-asset basis;
- Ability to document the mitigation plans.
Risk assessment of suppliers (such as operators)
- Each supplier from the built-in organisation register can be assessed against risks and vulnerabilities;
- Ability to document the consequences on a per-organisation basis;
- Ability to document the mitigation plans.
Risk assessment of the processing activity
- Each processing activity from the built-in records of processing register can be assessed against risks and vulnerabilities;
- Ability to document the consequences on a per-organisation basis;
- Ability to document the mitigation plans.
Assessment of the processing activity against the principles of the POPI Act
- Each process or group of processes can be assessed against the POPI Principles;
- Compliance score;
- Narrative of how compliance with each of the principles is met.
General risk management features
- Risk assessments can be downloaded in Word or Excel format;
- All risks are automatically added to the various modules (assets, organisations, services, etc.);
- Ability to add risks specific to your organisations;
- Tracking of the risk sources;
- Business and moral impact;