News
Citicus launches privacy impact assessment as-a-service capability
April 2017 by Emmanuelle Lamandé
The latest version of Citicus’ risk and compliance management software delivers a
capability to conduct privacy impact assessments (PIA) as required by the EU
General Data Protection Regulation (GDPR).
The Citicus PIA approach provides a triage assessment of information systems or
initiatives that involve the collection and processing of personal data. Risk
factors to personal data highlighted in the GDPR legislation can be identified in an
objective way and evaluated to determine the overall level of risk. Citicus’
software can then be used to identify and manage actions required to mitigate the
risk and to assess and track compliance with the GDPR requirements that data
controllers and data processors need to meet.
The Citicus PIA capabilities are available as software-as-a-service or through
on-premise implementation. The assessment process works ‘out-of-the-box’ but is
also customizable to meet local requirements. Completed assessments generate reports
highlighting the status of risk to personal data, the level of compliance with GDPR
requirements and real-time status of mitigating actions.
Completion of a structured privacy impact assessment provides an auditable,
evidence-based process for demonstrating best practice and enforces ‘privacy by
design’ – one of the cornerstones of the GDRP requirements.
