Identification of key risks from compliance perspective, based on probability and business impact. Some of the risks include:

  • Unauthorized access to data (confidentiality);
  • Unauthorized disclosure of data;
  • Intentional/unintentional corruption of data (integrity);
  • Violations of purpose limitation;
  • Loss of data;
  • Inadequacy of data (excessive and proportionality);
  • Delayed answers to data subject requests;
  • Absence of legal ground for processing;
  • Lack of control and accountability
  • Lack of clear data retention;