Data protection risk assessment—short form
Data protection risk assessment—short form

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Data protection risk assessment—short form

    1. 1

      Background information

      Assessment for:[state whether the assessment relates to the whole firm or a specific department]
      Person conducting assessment[insert name]
      Date of assessment[insert date]
    1. 2

      What personal data do you receive and/or hold?

      1. 2.1

        Consider and list the categories of personal data you receive and/or hold:

        1. 2.1.1

          [Client OR Customer OR names and addresses

        1. 2.1.2

          Client OR Customer OR orders and invoices

        1. 2.1.3

          Employee data including HR files

        1. 2.1.4

          [Supplier lists]

        1. 2.1.5

          [Information in CRM system]

        1. 2.1.6

          Client OR Customer OR website preferences/IP addresses

        1. 2.1.7

          [Insert other]

        1. 2.1.8

          [Insert other]

      1. 2.2

        Complete the table below, identifying associated risks and action points. For each risk you identify:

        —record an action point to address the risk immediately (this would be suitable for simple risks that can be resolved quickly), or

        —make a note to add the risk to your privacy risk register (which you should do for risks that cannot be addressed quickly and/or require complex solutions)

        QuestionAnswerAssociated risksAction point (if any)
        How do you receive data?[list different methods][Identify and insert risks for each method of receiving data]☐ No action required
        ☐ Immediate action to be taken—[describe action]
        ☐ Add to risk register
        How do you store data?[list different methods][Identify and insert risks for each method of storing data]☐ No action required
        ☐ Immediate action to be taken—[describe action]
        ☐ Add to risk register
    1. 3

      How do you process personal data?

      Complete the table below,

Related documents:

Popular documents