Instructor: Carlos Ebrecht, Senior Business Analyst
- Analyze the threshold workflow
- Inspect the Compliance Self Assessment workflow
- Examine whether a PIA or DPIA is needed
Collibra Privacy & Risk provides the assessments needed when a business process is likely to introduce a level of risk to the rights and freedoms of natural persons. A compliance score is derived from the business steward's responses to a list of predefined statements of preparedness, developed from a template provided by the Information Commissioner's Office. The statements are grouped into the following seven checklists: controllers checklist, processors checklist, information security checklist, direct marketing checklist, records management checklist, data sharing and subject access checklist, and CCTV checklist. The threshold workflow determines whether a DPIA or PIA is necessary. If the processing operations are deemed likely to result in a high risk to the rights and freedoms of natural persons, a DPIA is required. If, while onboarding a new business process asset, legitimate interest is selected as the legal basis for processing personal data, the Legitimate Interest Assessment must be performed. This is also referred to as the balancing test.