Assessing Risks
The first step when performing a DPIA consists in defining and assessing risks.
Creating Risks
To define risks in HOPEX GDPR:
1. In the DPIA window, expand the Risks on Privacy section.
2. In the different tabs corresponding to the different types of risks, click New to create a risk.
It is possible to distinguish between the following types of risks:
• Illegitimate Access
• Data Loss
• Data Integrity
• Data Unavailability
• Unlawful Processing
Risk Properties
Likelihood
• rare
• unlikely
• likely
• very likely
Risk severity
• negligible
• limited
• important
• maximum
Data subjects impacts
Here you can enter a description of the main impacts for the data subjects if the risk occurs.
Risk causes
Here you can enter the most common causes that could lead to the risk.
Security Measures
Here you can select a group of security measures taken to remediate the risk.
Security measures are reference data defined by the functional administrator. For more information, see Security Measures.• Technical
• Organizational
• Certification
For more information on groups of security measures, see Specifying security measures on a processing activity.