DPO review process

1. DPO Dashboard:

   • The DPO accesses the submitted PIA from their dashboard.

   • They see a list of assessments pending review, including yours.

Assessment Overview:

• Detailed Section Review:

  • The DPO first systematically reviews each section of the assessment:

    • Process Details

    • Data Elements

    • Data Subjects

    • Data Retention

    • Safeguards

    • Transfers

  • For each section, they evaluate:

    • Completeness of information

    • Accuracy of responses

    • Appropriateness of measures described

    • If the assigned level reflects the potential privacy impact

Adjusting risk levels and providing comments

The DPO can adjust the risk level for individual questions or sections by clicking on the risk indicator (e.g., High, Low) and selecting a different risk level from the dropdown menu.

This may also affect the overall risk associated with the questionnaire.

The DPO can also add risk association where they have not already been added.

Similarly, the DPO can also change the risk levels from the Risk Assessment page by expanding the sections and editing the inputs.

In the Overall Risk tab, the DPO can make changes to the Overall Risk and Overall Likeliness of Occurrence of the risk.

They can Remediation comments or Additional Comments, if any.