Improve the performance of your internal audit and reduce the risks
Following the implementation of the new European Regulation 679/2016 GDPR - General Data Protection Regulation we have enriched RIBIA with new functionality that will help you evaluate your processes to ensure that the personal data protection measures you apply during their execution are adequate.
Your obligation to conduct Data Process Impact Assessment (DPIA) in your existing processes as well as in all the new processes you will apply to your business.
The Data Protection Impact Assessment, also known as DPIA, is a mandatory requirement under Article 35 of the GDPR.
When a process of your business is likely to lead to a risk concerning the rights and freedoms of natural persons, you as a controller must proceed to DPIA before you apply this process. In case that a process preexists the new Regulation you should review and reassess it with regard to Data Protection and if it is not satisfactory to redesign it.
Your business should be able to demonstrate that the principles that it follows through all its processes for the protection of Personal Data are being considered and taken seriously.
RIBIA as a tool for conducting DPIA leads you to secure results with respect to the level of protection of Personal Data.
It also targets areas that may require revision of processes and additional protection measures.
With RIBIA, DPIA is no longer a simple analysis and assessment of data protection risks. Instead, by comparing the control measures with the risks identified, it is part of a wider risk management process that your business should implement and execute.