Assessing the risk of a data breach in 5 steps
When a personal data breach occurs, the data controller must assess the level of risk that the breach represents for data subjects.
This risk assessment is based on two criteria:
- the severity of the consequences for affected individuals (impact)
- the likelihood of damage occurring (probability).
To find out more, download the factsheet here.