EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide - Second edition by ITGP Privacy Team

CHAPTER 6: RISK MANAGEMENT AND DPIAS

The Regulation notes that controllers and processors “should evaluate the risks inherent in the processing and implement measures to mitigate those risks”115. This same consideration is mentioned several times throughout the Regulation, requiring the controller and the processor to take risks into account at many stages throughout the lifecycle of the personal data in question. While it stops short of saying that the organisation should have an explicit risk management programme, it is clear that a systematic and comprehensive approach is the best way to ensure compliance.

Risk management is now a standard expectation of corporate management and, while smaller organisations might manage risk relatively informally, ...
