October 2019
Intermediate to advanced
390 pages
6h 36m
English
The DPIA is one of the specific processes mandated by the GDPR. Many organisations will be required to conduct DPIAs and, in many instances, an organisation may find it a valuable process even when a DPIA is not required by the Regulation.
DPIAs are used to identify specific risks to personal data as a result of processing activities and the significance of their role in a PIMS could be compared to that of the information security risk assessments required by ISO/IEC 27001 and described in ISO/IEC 27005 (see chapter 11). DPIAs naturally have a greater focus on data protection and privacy, of course, so a more focused model is valuable. The Regulation describes the purpose of DPIAs: ...
Read now
Unlock full access