Privacy Impact Assessment

Privacy Impact Assessment

"Technology changes are driving increased need to protect private information"

With rapid changes in technology (data volume and connectivity) and the new Australian privacy laws the need to protect private information is more important than ever. 

We assist clients to:

  • Understand the types of private information within their information systems;
  • Identify and manage risks to private information; and
  • Comply with legislative requirements.
Privacy Impact Assessment

The first step to managing private information is to create a Privacy Impact Assessment (PIA). A PIA is an assessment of the threats and risks to private information and a strategy of recommended controls to treat unacceptable risks.

To create the PIA we typically use workshops to leverage the knowledge of your staff. Your staff knows your business and processes better than anyone and using workshops results in a better PIA. In the workshops we go through flows and usage of private information, credible threats to that information and calculate the risk of the threat. The recommended actions to treat unacceptable risks are then discussed and agreed upon. The final step is to deliver a risk management strategy using this knowledge that can be used by senior management to make informed decisions.

In many ways the PIA is very similar to an information security Threat and Risk Assessment (TRA) as applied to private information. We use this experience to reduce the time and therefore cost to your organisation of developing a Privacy Impact Assessment.  

Contact us to discuss your cybersecurity requirements on 1300 521 622 or [email protected]

Other Services