Risk Assessment - DPIA
Intro
The objective of this material is to offer methodological guidance on risk-based security and privacy protection. In particular, it describes in detail the information security risk assessment and management process based on the relevant international standard, ISO/IEC 27005 (2018). It then provides methodological guidance for the data protection impact analysis, based on the recommendations of the National Personal Data Protection Authority in France.
The material mainly targets DPOs, risk analysts, software engineers, and security and privacy experts. The reader is expected to:
Understand the concept of risk in security and privacy protection
Become familiar with the security risk assessment activities and the selection of security strategies based on security risk analysis
Become familiar with the data protection impact analysis activities and the selection of privacy enhancing tools based on privacy risk analysis
Understand the similarities and differences between security risk analysis and data protection impact assessment