There is EU GDPR Documentation Toolkit and DPIA Register template in it, it is written in description that: A document used by the organization to document the Data Protection Impact Analysis – it consists of the Threshold questionnaire that analyzes which data processing activities need to be analyzed and the DPIA questionnaire that assesses the risks and defines the security measures/safeguards. My question: Does that include risk database or that is spreadsheet I can fill myself only? Another words, do I need to identify a risk myself or there is a list of some I can choose from ?
The document does not include a list of risks nor it should since the risks vary from business to business from processing activity to processing activity and will most likely be different for each organization. So, you need to identify them by yourself and the questionnaire will help you with that.
To learn more about DPIAs check out our webinar “Seven steps of Data Protection Impact Assessment (DPIA) according to EU GDPR” https://advisera.com/eug dpracademy/webinar/seven-steps-of-data-protection-impact-assessment-dpia-according-to-eu-gdpr-free-webinar-on-demand/