Help Center
News
Help Center
News
Sign in
Document
Documents & PoliciesQuestionnairesControls & Technical and Organizational Measures (TOMs)Report ExplorerAsset RegisterFrameworksRecord of Processing Activities (ROPA)Exporting your ROPAVendorsImpact Assessments (IA)Legitimate Interest DocumentationsMeetings & ActivitiesRetentions & Deletions PeriodsData Collection Point (DCP)Add documents to vendors
DPIA
Assessments
ROPA
Assets
International Standards & Frameworks
TOMs & Controls
Categories & Attributes
Data Collection Points
Legal Basis
Legitimate Interest
Documents & Policies
Retention & Deletion
Data Flow
Vendors
Questionnaires
Manage
Process Risk OverviewData Flow Map
Dashboards
AI Assistance & Automation
Projects
Tasks
Meetings & Activities
Workflows & Automations
Reporting
React & Resolve
TasksProjectsIncidents & BreachesData Subject Requests
Risk Scenarios & Treatments
Incidents & Breaches
Release Notes
Q2 2026
Q1 2026
Q4 2025
Q3 2025
Q2 2025
Q1 2025
Q4 2024
Q3 2024
Q2 2024
Q1 2024
Q4 2023
Q3 2023
Q2 2023
Q1 2023
Q4 2022
Q3 2022
Getting Started
Quickstart GuideQuestionnairesTasksProcess Risk OverviewIT SettingsFrameworksThe Information Security / Asset Risk ModelData Subject RequestsDownloading an elementLegitimate Interest DocumentationsAssigning Audiences to ElementsDocuments & PoliciesControls & Technical and Organizational Measures (TOMs)General SettingsCreating attributes that fit your industryDocument list for onboardingThe Data Protection Risk ModelIncidents & BreachesProjectsManaging audiencesAdd documents to vendorsHow to answer an assessment/questionnaireSetting up the first organization or companyData Collection Point (DCP)Use AI to create elementsSetting Risk models in General SettingsSharing ElementsHow can a user change the language?Data Flow MapRecord of Processing Activities (ROPA)Time MachineCreate and evaluate assessments Company Widget FeatureAsset RegisterVendorsImpact Assessments (IA)Creating organizational unitsExporting your ROPAMeetings & ActivitiesTerms for legitimate processingRetentions & Deletions PeriodsHow to create a new user and how to change the password for loginReport ExplorerMaturity modelAdding risk scenarios to assets or asset groupsRelevant Risk SzenariosPriverion GRC Platform overviewDocument list for onboardingHow can a user change the language?Setting up the first organization or companyCreating attributes that fit your industry
User account
Sharing & Group functions
Features
How-To Guides & Tips
Get Help
Legal
Settings
General Settings
Compliance settings
Identity and access management
IT Settings
Risk Settings

Projects

The Projects screen is where compliance officers, DPOs, risk managers, and IT admins plan, track, and govern every privacy-related initiative in their organisation — from GDPR remediation programmes to vendor onboarding efforts — all in one place, fully connected to the rest of DPMS.

The Projects screen is your central hub for managing structured compliance initiatives. Whether you are running a GDPR remediation programme, rolling out a new data processing activity, or implementing a risk treatment plan, every project lives here — complete with its tasks, timelines, budgets, risk ratings, responsible people, and links to assessments, meetings, TOMs, and workflows. Because Projects is deeply woven into DPMS, changes you make here ripple through to the risk evaluation sub-system, the task tracker, and the audit trail — giving your whole team a single, governed view of what is happening and why.

How to open it

In the main left sidebar, click Projects. It is a top-level item — no sub-menu needed. You land directly on the project list.

Heads up: If you can see the Projects item in the sidebar but the page shows a "403 Forbidden" message, your account does not yet have read access to projects. Ask your DPMS administrator to assign the appropriate permission to your role.

What you see

The index page has two layers: a filter strip along the top and a data table below it.

The filter strip starts with five status tabs — All, Active, Draft, Inactive, and Review — that instantly narrow the list to projects in that lifecycle stage. To the right of the tabs is a view-mode toggle that switches the table into a Gantt chart (this toggle appears only when at least one project has tasks with deadlines set). The far-right corner holds the Create button.

Below the filter strip is a search and filter bar where you can type a project name or apply filter chips for responsible person, classification, workstream, deadline range, and more. The table itself shows: project name, priority (colour-coded circles), responsible persons (avatar chips), workstream, classification, deadline, and estimated effort. Hovering over any row reveals a three-dot action menu at the far right.

When you click a row, DPMS takes you to that project's detail view — a two-panel layout with a collapsible tab menu on the left and the project content on the right. At the top of the content area is a sticky header containing the status dropdown, priority dropdown, responsible persons picker, an AI button, and an Edit button. These controls stay visible as you scroll through any tab. Above the sticky header, a breadcrumb bar shows your location and provides left/right arrows for stepping through adjacent records in the filtered list without going back to the index.

Working with this screen

Creating a new project

When a new compliance initiative is approved — say, a DPIA rollout or a vendor risk review programme — you capture it here so it can be tracked and governed end-to-end.

  • On the index page, click the Create button in the top-right corner. A small dropdown opens; choose Create Project.
  • The project creation form opens. Fill in at minimum the project name (required in your working language), set the status (Draft is the default), and assign at least one responsible person. Add a classification tag and workstream if your organisation uses them — these appear as columns in the index list and help other team members filter the list.
  • Optional but recommended at this stage: set a deadline and an estimated effort (workload). These drive the progress bar on the Steps & Progress tab and make the Gantt view available on the index.
  • Click Save. DPMS creates the project and redirects you to its detail view, where you can start filling in the remaining tabs.
Tip: Use the AI autogenerate button in the sticky header to let the AI provider draft a project description or suggest relevant regulations, saving you time on the initial write-up. The button is only active if your IT administrator has configured an AI provider in IT Settings.

Monitoring and updating an ongoing project

Day-to-day, you will come back to a project to update its status, reassign ownership, or check what has changed since your last visit.

  • From the index page, click the status tab that matches your project (for example, Active) to narrow the list. If you are looking for a specific project, type its name into the search bar.
  • Click the project row to open the detail view.
  • To change the status — for example, moving a project from Active to Review before a board sign-off — click the status dropdown in the sticky header and select the new value. DPMS saves the change immediately without requiring you to open the edit form.
  • To change the priority (Low, Medium, High, Critical), use the priority dropdown in the same sticky header. This is useful when a newly identified threat elevates a project's urgency.
  • To hand over ownership, click the responsible persons picker and type the new owner's name. You can hold multiple responsible persons at once; the avatars update on screen right away.
  • To review what changed and when, click the Activity Log button — the clock icon near the top-right of the content area. A slide-in panel opens showing every status transition, field edit, and person assignment recorded against this project, along with the timestamp and the user who made each change.

Navigating a project's tabs

Each project contains a rich set of sections, all accessible from the left-side tab menu (the panel that appears when you click the blue circle icon at the far left of the detail view). The tabs are:

  • General — the core description, classification, and metadata. You can edit the description directly in this view without opening the full edit form.
  • Cost & Impact — budget, cost level, and risk ratings (current and target).
  • Risk — expands into sub-tabs: Threshold, Scenarios, Implemented TOMs, Current Risk, Treatment Options, Treatment Plan, and Treatment Status. These sub-tabs only populate after you link at least one risk standard to the project.
  • Tasks — the linked tasks list (or Gantt view). See below for more detail.
  • Steps & Progress — a visual timeline with a progress bar and a drag-and-drop task hierarchy (drag-and-drop is only available in edit mode).
  • People — roles and assignees table. Requires Project Role tags to be created in Compliance Settings first.
  • RASCI — the responsibility assignment matrix. Add custom deliverable columns with the + button and assign R/A/S/C/I values per role.
  • Assessments — linked risk assessments. After linking an assessment that contains risk evaluation data, a popup will ask if you want to update the project's risk profile with those scores.
  • Meetings & Activities — linked meetings and activity records.
  • Workflows — the manual workflow overview with sub-tabs for Overview and Required Action.

To move quickly between tabs without clicking the menu, use the < and > arrows that appear next to the tab name in the breadcrumb bar. To move to the previous or next project in the filtered list, use the chevron arrows that appear next to the module title in the breadcrumb.

Managing tasks linked to a project

The Tasks tab gives you a live view of everything that needs to happen to deliver the project.

  • Open the project detail view and click Tasks in the left-side tab menu.
  • The tab shows a list of tasks linked to this project. Each row shows the task name, assignee, deadline, status, and workload.
  • To add a task, click Add and either create a new task or link an existing one from the DPMS task library.
  • To switch from the list to a Gantt timeline, use the view-mode toggle on the index page (the same toggle that controls the index view mode — it persists into the detail view).
  • If you want to change the order in which tasks appear or nest one task under another, click Edit in the sticky header and go to the Steps & Progress tab in the edit form. There, the task cards become draggable — drag a card to its new position, or drop it onto a parent card to make it a sub-task.

Reviewing the audit trail

For audit purposes — or simply to resolve a "who changed this and when?" question — the Activity Log is your go-to.

  • Open the project detail view.
  • Click the clock icon in the top-right area of the content panel. A drawer slides in from the right.
  • The drawer lists every recorded change in reverse chronological order: the field that changed, the old value, the new value, the user responsible, and the timestamp.
  • Scroll through the list or use it as a screenshot source for your audit report.
Heads up: The Activity Log button is hidden when you are viewing a project that has been shared with your workspace from another organisation (Consulted/Shared mode). In that situation, the owning organisation's change history is not visible to you by design.

Exporting project data

When you need to hand project records to an external audit tool or archive them:

  • Single project: Hover over the project row in the index list, click the three-dot icon that appears at the right end, and choose Export as JSON or Export as XLSX.
  • Multiple projects: Check the boxes next to the rows you want (or use the header checkbox to select all visible rows). An action bar appears at the bottom of the page; click Export and choose your format.
  • Import: If you have project records from another DPMS instance or a spreadsheet export, click the Create button and choose Import. Select the JSON or XLSX file. DPMS validates and imports the records, then returns you to the index.

Field reference

The following fields appear on the project creation / edit form and are worth understanding before you fill them in:

  • Project Name — Required. Enter the name in your active language. If your organisation operates in multiple languages, you can add translations; the index list resolves the name to each user's locale.
  • Status — Lifecycle stage of the project (Draft, Active, Inactive, Review, or any custom status your admin has created in Compliance Settings → Statuses → Projects). Determines which index tab the project appears under.
  • Priority — Low, Medium, High, or Critical. Shown as colour-coded circles in the index list. Sortable.
  • Responsible Persons — One or more users who own this project. Shown as avatar chips; drives the "filter by person" chip in the search bar. External users (accounts from outside your organisation) cannot be assigned.
  • Workstream — A tag-based classification used to group projects by business area (e.g., "IT Security," "HR Processes"). Configured in Compliance Settings → Tags.
  • Classification — Another tag field for categorising projects by type or regulatory context. Configured in Compliance Settings → Tags.
  • Deadline — Target completion date. Required for the Gantt view to appear on the index. Used in the progress bar calculation alongside linked task workloads.
  • Estimated Effort (Workload) — The total expected effort, stored in minutes and displayed as hours/days. Drives the progress bar together with the workloads of linked tasks.
  • Description, Benefits, Assumptions, Deliverables, Resource, Involvement, Tangible Ambition — Rich-text fields. Description can be edited inline on the detail view; the others require opening the edit form.

How this connects to the rest of DPMS

Projects sits at the crossroads of almost every DPMS module. Here is what to keep in mind:

  • Risk Settings must come first. The Risk tab in a project — covering Threshold, Scenarios, Current Risk, Treatment Options, and Treatment Plan — only fills with data after a risk standard has been linked to the project. Risk standards themselves are configured in the Risk Settings module. If your organisation has not set up risk standards yet, do that before trying to work with the Risk tab.
  • Compliance Settings → Tags → Project Roles must exist before you can use the People and RASCI tabs. On a fresh workspace, those tabs will show a warning banner with a link to create the necessary role tags.
  • IT Settings → AI Provider must be configured for the AI autogenerate button to be active. Once configured there, the button becomes available across all DPMS screens that support AI generation, not just Projects.
  • Assessments feed risk data into projects. When you link a completed assessment (e.g. a DPIA) to a project and that assessment contains risk evaluation data, DPMS will offer to update the project's risk ratings automatically. This keeps your risk profile in sync without manual re-entry.
  • Tasks linked here appear in the Tasks module. Creating or linking tasks from the Tasks tab of a project does not create a separate copy — it is the same task record visible in the global task list, just filtered and displayed in context here.
  • Workflows configured here drive approval processes. The Workflows tab lets you attach manual review and approval workflows. Once a workflow is triggered, the responsible approvers receive notifications and the Required Action sub-tab shows what they need to do.

After finishing a project setup, the natural next steps are: link relevant assessments, configure the risk standard, assign people and RASCI roles, break the work into tasks on the Steps & Progress tab, and trigger a workflow for approval if your governance process requires it.

Tips & common pitfalls

Heads up: The Risk tab is empty until you link a risk standard. Navigate to Risk → Standards within the project, select the applicable standard, and save. Only then will Threshold, Scenarios, and Treatment sub-tabs appear.
Tip: The previous/next arrows in the breadcrumb respect whatever filter you have active on the index. If you filtered to "Review" status before opening a project, the arrows step through only Review projects. This is very useful for batch review sessions — set your filter, open the first project, then arrow through the rest without returning to the list.
  • Status and priority changes save instantly via the sticky header dropdowns — you do not need to click Edit or Save. However, if two people edit the same project simultaneously, the second save will be rejected. DPMS will show an error asking you to reload the page to get the latest version before retrying.
  • Drag-and-drop task reordering is edit-mode only. In the detail view the task cards look interactive but cannot be dragged. Click Edit first, then go to Steps & Progress to reorder or nest tasks.
  • The Gantt toggle disappears if no tasks have deadlines. If you have added tasks but the toggle is not appearing, check that at least one linked task has a deadline date set.
  • The Activity Log is hidden in Shared/Consulted mode. If you are viewing a project shared from another organisation's workspace, the clock icon is intentionally absent — the owning organisation's audit trail is private to them.
  • Custom project roles must exist before assigning people. On a new workspace, go to Compliance Settings → Tags and create at least one Project Role tag before trying to populate the People or RASCI tabs.


Was this article helpful?

English
Powered by Product Fruits