The latest version of Citicus’ risk and compliance management software delivers a unique capability to conduct privacy impact assessments (PIA) as required by the EU General Data Protection Regulation (GDPR).
The Citicus PIA approach provides a triage assessment of information systems or initiatives that involve the collection and processing of personal data. Risk factors to personal data highlighted in the GDPR legislation can be identified in an objective way and evaluated to determine the overall level of risk. Citicus’ software can then be used to identify and manage actions required to mitigate the risk and to assess and track compliance with the GDPR requirements that data controllers and data processors need to meet.
The Citicus PIA capabilities are available as software-as-a-service or through on-premise implementation. The assessment process works ‘out-of-the-box’ but is also customizable to meet local requirements. Completed assessments generate reports highlighting the status of risk to personal data, the level of compliance with GDPR requirements and real-time status of mitigating actions.
Completion of a structured privacy impact assessment provides an auditable, evidence-based process for demonstrating best practice and enforces ‘privacy by design’ – one of the cornerstones of the GDRP requirements.
Simon Oxley, Managing Director at Citicus says,
"It’s been good practice to conduct privacy impact assessments on initiatives handling personal data for some time but now GDPR is making this a mandatory process. Organizations need to up their game in understanding and managing risks to the personal data they control and the penalties for data breaches will soon be substantial – up to 4% of global revenue – once the legislation comes into force in May 2018. A structured approach to conducting privacy impact assessments needs to be a key plank of any corporate strategy for getting into line with the GDPR requirements."
About Citicus (www.citicus.com)
Citicus Limited has been providing world-class automated risk management tools since 2000. Its flagship software – Citicus ONE - has been implemented in public and private sector enterprises of all sizes around the world. Citicus also provides training and consulting services to help customers implement their governance, risk and compliance initiatives successfully.
For more information, contact:
Simon Oxley or Sian Alcock, Citicus Limited
Tel: +44 (0)20 3126 4999