GDPR questions and answers

GDPR: QUESTIONS AND ANSWERS

Category:
Risk

Do we assess risk before implementing safeguards?

ANSWER

Yes, risk assessment is a key step before implementing safeguards specified in the Risk Treatment Plan, because it enables identification of currently existing threats and their potential impact on the organization. This is necessary to create a plan defining the planned implementation of new safeguards that will reduce the probability of threats occurring or limit their effects. After implementing the Risk Treatment Plan, however, risk should be estimated again to verify the effectiveness of the safeguards' impact on the threat.

Read also:

Receive a free package of 4 tutorials and 4 e-learning trainings
The controller of your data is ODO 24 sp. z o. o.