Help Center
News
Help Center
News
Getting Started
Quickstart GuidePriverion GRC Platform overviewDocument list for onboardingHow can a user change the language?Setting up the first organization or companyCreating attributes that fit your industry
Compliance Settings
IT Settings
Risk Settings
Modules
Sharing & Group functions
Assessments
Features
How-To Guides & Tips
Get Help
Release Notes

Quickstart Guide

The main intro to the platform

How is the Priverion Platform built up?

Dashboard

The dashboard provides a comprehensive overview of all pending and ongoing obligations. It helps keep track of tasks, effectively set priorities and plan resources.

  • Tasks: Overview of all upcoming tasks and the total workload. It also highlights overdue tasks.
  • Assessments: Displays the progress of ongoing assessments.
  • ROPA Risk: Shows existing gaps and the risk distribution across all ROPAs, allowing you to address the most urgent areas first.
  • Projects: Overview of planned projects, including details on urgency and timeline.

Menu 

  • Priverion Logo:  Return to the dashboard. 
  • Document, Manage, and React & Resolve: Navigate between the different elements of your documentation.
  • Plus Icon: Shortcuts, you can also find these functions in the respective elements.
  • Companies: If you have multiple companies, you can switch between documentations here.
  • Gear Icon: Settings

Element Types

Get an overview of the three tabs' respective elements for a structured navigation.

Element Structure

The elements are all similarly structured. First, you get to an overview page where the elements are organized by status. Using the search bar, you can quickly find the desired element. On the same page, new elements can be created. You will be taken to its editing page by clicking on a specific element, where you can navigate through the various tabs and linked elements.

How are the elements connected?

In the Priverion platform, all elements are interconnected.

  • The heart of this system is the Record of Processing Activities (ROPA), which documents all organizational processes involving personal data.
  • Data Collection Points are the interfaces through which personal data enters your organization. These could be forms, applications, or other points that collect personal information.
  • Once collected, the data flows into various Assets, such as software, databases, physical documents, etc. These assets may be owned by your organization (e.g., your servers) or provided by third-party vendors (e.g., a CRM system).
  • Assets are exposed to various Risks, including technical, human, and environmental risks.
  • Risks are mitigated through Technical and Organizational Measures (TOMs), which are designed to minimize potential threats.
  • Most data protection regulations require data to be deleted or anonymized once its purpose is fulfilled unless it is legally required to retain it. Priverion's Retention and Deletion Periods Library helps manage these requirements.
  • Additionally, a wide range of tools for management, documentation, and efficiency enhancement are integrated into the platform and linked to these core elements.

How does the Priverion Platform manage risk

Risk in Data Protection / Privacy

The Risk Model for Data Protection relates to processes (ROPA) and determines the risk from a data protection perspective. It focuses on personal data and evaluates how well the implemented measures protect this data. You can customize this model to fit your specific needs.

The Risk Assessment and treatment documentation for the Record of Processing Activities (ROPA) is carried out directly within the element, following this process:

  1. Identify Risk Scenarios
  2. Assess the Risk
  3. Select Appropriate TOMs
  4. Reevaluate the Risk After Treatment

This process ensures that risks related to processing activities are effectively identified, mitigated, and monitored.

Risk in Information Security

The Risk Model for InfoSec addresses risks related to assets. It includes all types of data, not only personal data, emphasizing information security and cybersecurity. This risk model assesses the impact of a loss of confidentiality, integrity, or availability of the assets.

The Asset Risk Model is defined per standard. The Risk Assessment for assets or asset groups is carried out as follows:

  1. Select Applicable Standards.
  2. Identify Potential Risk Scenarios.
  3. Link Implemented TOMs.
  4. Assess Current Risk.
  5. Define Suitable Treatment Options.
  6. Create a Treatment Plan.
  7. Reevaluate the Risk.

This process helps ensure that asset-related risks are correctly identified, mitigated, and reviewed following the relevant standards.

How the Priverion Platform collects information

  • Assessments: Information is gathered through assessments. Create templates to send questionnaires and review the answers directly on the platform.
  • Direct Input: Users manually enter data directly on the platform via input fields on the screen.
  • External Integrations: The platform integrates with external tools like Jira to collect and sync relevant data from external systems automatically.

This approach ensures data is collected efficiently through multiple channels: manual input, structured assessments, or integrated external systems.

 

 

Was this article helpful?

English
Powered by Product Fruits