Identification of key risks from compliance perspective, based on probability and business impact. Some of the risks include:
- Unauthorized access to data (confidentiality);
- Unauthorized disclosure of data;
- Intentional/unintentional corruption of data (integrity);
- Violations of purpose limitation;
- Loss of data;
- Inadequacy of data (excessive and proportionality);
- Delayed answers to data subject requests;
- Absence of legal ground for processing;
- Lack of control and accountability
- Lack of clear data retention;