You can perform risk assessments on your processing activities to determine their risk
scores and find out the privacy risk posture of your organization.
To understand the risk posture, the following assessments that are performed.
Criticality assessment: Provides the risk posture at the processing-activity level by assessing the factors at processing activity-level. When a processing activity is created or updated, a criticality
assessment is performed on the processing activity to understand the high-level risk score or the criticality score. See the following image to understand how you can initiate the criticality assessment.
Privacy risk assessment: Privacy risk assessments are detailed assessments that are conducted if the criticality score is high. Assess each risk that is associated with the processing activity and know
the aggregated risk score on the processing activity. After you assess the privacy risks, you can view the privacy risk posture on the risk heatmap in the overview section. The heatmaps provide detailed information about your
inherent and residual risks. See the following image to understand how you can initiate the detailed risk assessment.
The risk assessments results and the risk heatmaps appear on the processing activity home page
as shown in the following image.Figure 1. Risk scores on a processing activityFigure 2. Risk heatmap on the processing activity
