Risk assessment and management in accordance with GDPR

One of the most challenging obligations under the GDPR is to assess the risk to the rights and freedoms of data subjects.

Such an assessment is an important tool for confirming GDPR compliance; its absence may be grounds for a fine imposed by the competent supervisory authority of an EU member state.

We specialize in the implementation of the risk management process. We create our own methods that we adapt to the client’s needs. We train and engage staff in the process of risk identification, analysis and assessment.

We implement a process of risk assessment in information security based on a methodology tailored to the requirements of a specific activity.

New regulations on the security of personal data in information systems often require a fresh approach. Now that personal data is processed in IT systems, protecting it has become an even more complex process. Data controllers and security managers are required to take into account many legal provisions and analysis methods, and to be able to determine technical protection measures. Matching security to the risk, especially choosing the right countermeasures, is the main task that we effectively perform in the area of organisational, IT and physical security.

Risk is considered as an element of the management system:

  • in the activities of public institutions,
  • in commercial companies.

We help assess the risks associated with the technologies used, including information systems.

We analyse the potential impact of actions taken, including the impact of likely breaches of contractual and regulatory requirements. We consider both external and internal factors in determining the impact of uncertainty on objectives.