Security

Full list of security features

The GDPR Risk Tracker application has a ready list of protections corresponding to all threats selected by the user. Resources and risks that these threats may cause are also assigned to threats. The user therefore receives a full list of data that he can use when conducting a GDPR risk analysis for his organization.

The security measures and risks representative of the ISO 29134 standard defined and provided by the applications give the user confidence that they are relying on reliable data, and what's more, they are using representative cases and do not have to create them themselves. This allows you to focus on conducting the correct analysis. Additionally, it saves the user's time because he does not have to "invent" security measures and possible risks of a given situation on his own.

Resource list

The resource list has been prepared in accordance with the ISO 29134 standard and includes the following items:

  • Hardware - all equipment used for data processing. Servers, workstations, laptops, mobile phones and tablets.
  • Software - all programs and applications used for data processing.
  • Networks and data transmission - teletransmission, networks. Transmitting data electronically.
  • Users - all user activities, in particular the processing of personal data.
  • Data in paper form - all data stored in traditional (paper) form.
  • Paper document circulation - procedures and standards for document exchange.

The list of resources is complete, but if the system user wants to expand it to meet their individual needs, they can do so at any time. Each threat is connected to its corresponding resources, as well as to one or more risks.

Risks

The risks in question are risks of violating the rights of data subjects and result directly from Art. 32 section 2 GDPR. These are:

  • destruction,
  • loss,
  • modification,
  • disclosure,
  • unauthorized access.

The user selects from the available security measures (measures) those used in his organization and assigns them an appropriate value on a 4-grade rating scale. The security measures selected by the user will reduce individual risks.

Thanks to this, each person using the GDPR Risk Tracker application can independently assess whether the security measures used are sufficient, how to improve them and in what areas the quality and effectiveness of security measures should be improved to be sufficient due to the GDPR. The user can, of course, use sample analysis templates or take advantage of the possibility of expanding and customizing them themselves.

Threats Weight of processed data