Privacy Impact Assessment (PIA) - Unicis.Tech OÜ Docs

The Privacy Impact Assessment (PIA) module helps organizations evaluate and manage privacy risks related to personal data processing. It supports compliance with GDPR and other privacy regulations by ensuring that risks to individuals’ rights and freedoms are identified and mitigated.

To create a Privacy Impact Assessment:

Navigate to All Tasks
Select an existing task or create a new one
Navigate to the Privacy Impact Assessment tab
Click Register Privacy Impact Assessment
Follow the guided steps

Probability of Risk

The Probability of Risk refers to the likelihood that a specific risk will materialize:

Level	Description
Rare	Highly unlikely; requires an unusual combination of events to materialize
Unlikely	Not expected under normal conditions; low probability
Possible	Moderate likelihood; neither rare nor frequent
Probable	Likely to occur in most circumstances; predictable and regularly occurring
Severe	Almost certain to occur; highly predictable and frequent

Security of Risk (Impact)

The Security of Risk refers to the potential impact or severity in relation to data privacy — specifically the consequences of a loss of confidentiality, integrity, or availability of personal data:

Level	Description
Insignificant	Minimal operational impact; negligible costs; does not notably affect the data subject’s business or finances
Minor	Noticeable but limited impact; some costs; minor financial impact for the data subject; unlikely to significantly affect rights
Moderate	Substantial operational impact; very costly; considerable harm to the data subject; does not involve special categories
Major	Severe disruption; highly damaging and extremely costly; may involve special categories (e.g., criminal history or sensitive data); significant impact on rights and freedoms
Extreme	Complete operational failure; potentially unsurvivable; may have life-threatening consequences or severe impacts on personal freedoms

Risk Levels

Risk Levels are calculated by combining Probability and Security of Risk (Impact):

Level	Range	Indicator	Description
Low	1–3 (1%–12%)	Green	Rare or unlikely with insignificant or minor impact; minimal action required
Medium	4–9 (16%–36%)	Yellow	Possible with moderate impact; monitor and address with reasonable measures
High	10–16 (40%–64%)	Orange	Probable with major impact; prompt and proactive management required
Extreme	20–25 (80%–100%)	Red	Severe in both probability and impact; immediate action required

Dashboard

The PIA dashboard provides an overview of all assessments:

Column	Description
Register	Assessment identifier
Status	To Do / In Progress / Completed
Confidentiality & Integrity risk	Risk percentage
Availability risk	Risk percentage
Transparency & data minimization risk	Risk percentage
Actions	Edit / Delete

Add a PIA

A Privacy Impact Assessment can only be added via a Task in the Privacy Impact Assessment tab.

Open a task and navigate to the Privacy Impact Assessment tab
Click Register Privacy Impact Assessment
Follow the guided steps (required fields are marked with a red star)
Click Next to proceed through each step

Steps:

Data processing
Confidentiality and Integrity
Availability
Transparency and data minimization
Results
Corrective measures

Edit

Edit an existing assessment from the dashboard by clicking Actions → Edit.

Delete

Delete an assessment from the dashboard by clicking the Delete button.

Activity Logs

Access audit logs by opening the associated task and navigating to Audit Logs → Privacy Impact Assessment Audit Logs.

Logged events:

Created
Updated
Deleted

Unicis Platform

Unicis Atlassian Apps

Unicis Services

Privacy & Data Protection

Cybersecurity & IT Security

Compliance & Legal Management