A systematic process of evaluating
the potential risks that may be involved in a projected activity or
undertaking. In other words, identify potential
hazards and analyze what could happen if a hazard occurs, specifically as it
pertains to data breach. This may include evaluation of the types of personal
information being received or sent, how sensitive they are, how much protection
might be required, and what levels of access authorization should be required.
Related Articles
Risk Assessment Factors (IAPP)
Number of breaches; number of outages; unauthorized access; lost assets; software viruses; investigations.
How long will it take to complete the self assessment questionnaire?
It is estimated that it will take one hour to complete the Readiness self-assessment questionnaire. A self-assessment may take longer should consultation or research be required to answer some of the questions. Progress within the self-assessment ...
Vulnerability Assessment
Also, known as vulnerability analysis, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure.
Privacy Assessment
An assessment of an organization’s compliance with its privacy policies and procedures, applicable laws, regulations, service-level agreements, standards adopted by the entity and other contracts. The assessment or audit measures how closely the ...
Sensitive Personal Information/Data (High Risk Data)/Special Categories of Data
(US) Sensitive personal information is generally synonymous with high risk data. The data, should it suffer loss of confidentiality, integrity, or availability, could have a significant detrimental or adverse impact to both the business (firm) and ...