In the context of risk analysis and assessment, the constant evolution and growth of organizations has led to an increase in the amount of information to be analyzed: a case is provided by the data processing registry, mandatory according to the GDPR. Quality and cost of risk analysis and assessment may be improved by using tools to automate certain steps. In this paper we propose an approach and a support tool for software-aided risk assessment integrated with the state-of-the-art privacy impact assessment (PIA) tool, to define how certain steps in the compilation of a DPIA (Data Protection Impact Assessment) can be automated. The resulting tool chain has been successfully applied to a case dealing with job placement data in a university.
A Tool to Support Automation of Risk Assessment
Mastroianni M.
;
2024-01-01
Abstract
In the context of risk analysis and assessment, the constant evolution and growth of organizations has led to an increase in the amount of information to be analyzed: a case is provided by the data processing registry, mandatory according to the GDPR. Quality and cost of risk analysis and assessment may be improved by using tools to automate certain steps. In this paper we propose an approach and a support tool for software-aided risk assessment integrated with the state-of-the-art privacy impact assessment (PIA) tool, to define how certain steps in the compilation of a DPIA (Data Protection Impact Assessment) can be automated. The resulting tool chain has been successfully applied to a case dealing with job placement data in a university.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
