Chapter 11. Risk Management and Privacy Impact Assessment

Learning Objectives

After studying this chapter, you should be able to:

  • Explain the overall risk assessment process

  • Provide a comparison of quantitative and qualitative risk assessment

  • Present an overview of the NIST and ISO risk management frameworks

  • Explain the major options for risk treatment

  • Explain the purpose of a privacy threshold analysis

  • Describe the major steps in a privacy impact analysis

  • Explain the purpose of a privacy impact analysis report

The EU General Data Protection Regulation (GDPR) describes a privacy impact assessment (PIA), referred to in the regulation as a data protection impact assessment, in the following terms:

Where a type of processing in particular using ...
