Help Center
News
Help Center
News
Sign in
Document
Documents & PoliciesQuestionnairesControls & Technical and Organizational Measures (TOMs)Report ExplorerAsset RegisterFrameworksRecord of Processing Activities (ROPA)Exporting your ROPAVendorsImpact Assessments (IA)Legitimate Interest DocumentationsMeetings & ActivitiesRetentions & Deletions PeriodsData Collection Point (DCP)Add documents to vendors
DPIA
Assessments
ROPA
Assets
International Standards & Frameworks
TOMs & Controls
Categories & Attributes
Data Collection Points
Legal Basis
Legitimate Interest
Documents & Policies
Retention & Deletion
Data Flow
Vendors
Questionnaires
Manage
Process Risk OverviewData Flow Map
Dashboards
AI Assistance & Automation
Projects
Tasks
Meetings & Activities
Workflows & Automations
Reporting
React & Resolve
TasksProjectsIncidents & BreachesData Subject Requests
Risk Scenarios & Treatments
Incidents & Breaches
Release Notes
Q2 2026
Q1 2026
Q4 2025
Q3 2025
Q2 2025
Q1 2025
Q4 2024
Q3 2024
Q2 2024
Q1 2024
Q4 2023
Q3 2023
Q2 2023
Q1 2023
Q4 2022
Q3 2022
Getting Started
Quickstart GuideQuestionnairesTasksProcess Risk OverviewIT SettingsFrameworksThe Information Security / Asset Risk ModelData Subject RequestsDownloading an elementLegitimate Interest DocumentationsAssigning Audiences to ElementsDocuments & PoliciesControls & Technical and Organizational Measures (TOMs)General SettingsCreating attributes that fit your industryDocument list for onboardingThe Data Protection Risk ModelIncidents & BreachesProjectsManaging audiencesAdd documents to vendorsHow to answer an assessment/questionnaireSetting up the first organization or companyData Collection Point (DCP)Use AI to create elementsSetting Risk models in General SettingsSharing ElementsHow can a user change the language?Data Flow MapRecord of Processing Activities (ROPA)Time MachineCreate and evaluate assessments Company Widget FeatureAsset RegisterVendorsImpact Assessments (IA)Creating organizational unitsExporting your ROPAMeetings & ActivitiesTerms for legitimate processingRetentions & Deletions PeriodsHow to create a new user and how to change the password for loginReport ExplorerMaturity modelAdding risk scenarios to assets or asset groupsRelevant Risk SzenariosPriverion GRC Platform overviewDocument list for onboardingHow can a user change the language?Setting up the first organization or companyCreating attributes that fit your industry
User account
Sharing & Group functions
Features
How-To Guides & Tips
Get Help
Legal
Settings
General Settings
Compliance settings
Identity and access management
IT Settings
Risk Settings

Report Explorer

The Report Explorer is where DPOs, compliance officers, and IT administrators turn all the data stored in DPMS — processing activities, DPIAs, assets, vendors, and more — into downloadable documents ready for audits, regulatory submissions, or management reviews. This article walks you through creating both types of reports, monitoring generation progress, and downloading your finished documents.

The Report Explorer is the final step in your DPMS compliance workflow. Everything you have entered across the platform — processing activities, DPIAs, assets, TOMs, vendors, and more — can be crystallised here into a formal, printable document. Whether you need a bilingual PDF for a supervisory authority or a Word document mapping your controls against ISO 27001, this is where you come to build it.

Two report types are available. An Individual Report gives you full control: you choose which element types to include, which organisations are in scope, which languages to export, and you can apply detailed filters to narrow down exactly which records appear. A Compliance Report is simpler and more focused: it maps your company's data against a recognised standard (currently ISO 27001) and produces a structured Word document.

How to open it

Click Report Explorer in the main left-hand sidebar. This is a top-level item — you do not need to open any sub-menu. The list of all existing reports opens immediately.

You need the Report Explorer (read) permission to view the list and detail pages. To create new reports, you also need the Report Explorer (create) permission. If either permission is missing, you will see a "Forbidden" page instead of the screen. Check with your system administrator if you believe you should have access.


What you see

The main list page shows all reports your organisation has generated, in a filterable table. Across the top of the table are status tabs — All, Active, Draft, Inactive, and Review — so you can quickly filter down to only the reports you care about. A search bar sits above the table for finding a report by name. In the top-right corner of the content area, a Create button (with a small dropdown arrow) lets you start a new report.

The table has seven columns: Name, Status, Files, Organizational Scope, Type, Standard, and Requested By. The Files column is particularly useful — it shows a ratio like "2 / 3", meaning two out of three expected language files have finished generating. Rows that are still being generated display a small animated spinner next to the status value, so you can see at a glance which reports are ready and which are still in progress.

When you open a specific report, the detail view has two tabs in the left-hand panel: General (showing the report's configuration) and Files (where you download the finished documents). A breadcrumb at the top lets you jump back to the list, and left/right arrows let you step through reports one by one if you navigated from a filtered list.

Working with this screen

Creating an Individual Report for an audit

This is the most common task — for example, a DPO preparing a quarterly GDPR audit document covering processing activities for two subsidiaries, in both English and German.

  • On the Report Explorer list, click CreateCreate Individual Report. The creation form opens.
  • In the Name field, type a descriptive name such as "Q1 2025 GDPR Audit Report". If your organisation works in multiple languages, use the multi-language button next to the field to add a translation of the name.
  • In the Organization dropdown, select all the subsidiaries or entities whose data should be included. This is a required field — leaving it empty will prevent the report from saving.
  • In the Element Types dropdown, select the categories of DPMS data you want in the report — for example, ROPA (processing activities), DPIAs, or Assets. Again, at least one selection is required. As you add element types, a card for each one appears in the section below.
  • In the Languages dropdown, select every language you want an output file in. Selecting two languages means two separate PDF files will be generated. This field is also required.

  • In the Element Cards section, you will see one card per element type you selected. For each card, you can switch on up to three optional enrichments:
  • Display logs — includes activity log entries for each record.
  • Responsible person — adds the name of the responsible person alongside each record.
  • Document links — includes links to associated documents.
    You can also open the filter builder inside each card to narrow down which specific records are included. For example, you might filter DPIAs to only those classified as high risk. Important: if you start adding a filter row, you must complete all three parts (field, operator, value) before saving — a partially filled filter will block submission and highlight the card with a red border.
  • On the left side of the screen, the Estimated Report Size widget updates automatically as you make choices. It shows you approximately how many pages the report will contain and how long generation will take. Use this to decide whether to narrow your scope before submitting.
  • If you want to restrict the report to a specific time window — for example, "only records changed in Q1" — turn on the Timeframe toggle. A date-range picker appears; select your start and end dates. Leave this toggle off if you want a full current-state export.
  • Confirm that File Type shows PDF (this is the only option currently available). The Template dropdown shows "Priverion Base Template" but cannot be changed — this is expected behaviour, not a bug.
  • Click Save. DPMS submits your configuration, redirects you back to the report list, and your new report appears immediately with status "Initialized" and a spinner. The report is being generated in the background — you do not need to keep the page open. Come back in a few minutes; once the spinner disappears and the Files column shows the full count (e.g. "2 / 2"), your documents are ready.

Downloading a finished report

Once a report's status is Active and the Files column shows all expected files, open the report to get your documents.

  • Click the report's row in the list to open the detail view.
  • Click the Files tab in the left-hand panel.
  • You will see one entry per language file. Click the download link next to each file to save it to your computer.

If the Files tab shows an Error on report generation message instead of download links, the background job encountered a problem. See the "When something goes wrong" section below.


Creating a Compliance Report for ISO 27001

If you need to produce a structured mapping of your company's controls against ISO 27001 — for example, for an external certification audit — use the Compliance Report type.

  • Click CreateCreate Compliance Report.
  • Enter a Name for the report.
  • The Standard dropdown is already set to ISO 27001 — this is currently the only available option.
  • The File Format dropdown is already set to Word — again, the only current option.
  • Click Save. The report is queued and will appear in the list with a spinner while it generates.
  • Once complete, open the report and go to the Files tab to download your Word document.

When something goes wrong — reviewing errors and the activity log

If a report fails to generate (the spinner disappears but no files appear), follow these steps to understand what happened.

  • Open the report's detail view by clicking its row.
  • On the General tab, review the configuration: check which organisations, element types, and timeframe were set. Look for anything that might have caused an issue — for example, a filter that references a field no longer present in your data.
  • Click the Files tab. If a job failure occurred, you will see the heading Error on report generation with a description of the problem.
  • Click the clock icon (Activity Log) in the top-right area of the screen. This opens a timeline panel showing exactly when the job was created, when it started running, and when it failed. This is useful evidence if you need to escalate the issue to your system administrator.
  • Once you understand the cause, return to the Report Explorer list and create a new corrected report from scratch. Reports cannot be edited after creation.

Navigating between reports during an audit review

If you are systematically reviewing a set of reports — for example, all Individual Reports generated this quarter — you do not have to keep returning to the list between each one.

  • On the list page, apply any filters or search terms to narrow down the set of reports you want to review.
  • Click the first report to open its detail view. In the breadcrumb area at the top, you will see left (‹) and right (›) arrow icons.
  • Click the arrow to jump to the next report in your filtered set without going back to the list. If you are on the last report, the arrow becomes inactive.
  • Click the arrow to step back to the previous report.

Field reference

Name — The report's display name. Multi-language: you can enter translations using the button next to the field. Required for both report types.

Organization (Individual Report only) — The companies or subsidiaries whose data will be included. Multi-select. Required. If you manage multiple entities, selecting only the relevant ones keeps the report focused and reduces generation time.

Element Types (Individual Report only) — The categories of DPMS data to include (e.g. ROPA, DPIA, Assets). Multi-select. Required. Each selection creates an Element Card below where you can configure enrichments and filters.

Languages (Individual Report only) — The output languages. One PDF file is produced per language selected. Multi-select. Required. Only languages actively configured in your IT Settings appear here.

Display Logs (per Element Card) — Toggle. When on, the report includes activity log entries for each record of that element type.

Responsible Person (per Element Card) — Toggle. When on, each record in the report shows the name of its responsible person.

Document Links (per Element Card) — Toggle. When on, links to associated documents are included for each record.

Timeframe (Individual Report only) — Toggle. Off by default. When turned on, a date-range picker appears. Use this to produce a point-in-time snapshot rather than a full current-state export. Future dates cannot be selected. The default range when first enabled is the last 30 days.

File Type (Individual Report only) — Currently locked to PDF. No action needed.

Template (Individual Report only) — Currently locked to "Priverion Base Template". No action needed; custom templates are planned for a future release.

Standard (Compliance Report only) — Currently locked to ISO 27001.

File Format (Compliance Report only) — Currently locked to Word.

How this connects to the rest of DPMS

The Report Explorer sits at the end of your compliance workflow — it consumes data entered everywhere else in the platform. A few connections are worth knowing about:

  • IT Settings → Language Settings: The Languages selector in the Individual Report form only shows languages that are actively configured in IT Settings. If a language is missing from the dropdown, ask your IT administrator to enable it there first.
  • Company / entity setup: The Organisation dropdown only lists companies that have been registered in the platform. If a subsidiary is missing, it needs to be set up before you can include it in a report.
  • Element types: The Element Types dropdown reflects the element types your company has enabled. If an element type you expected to see is missing, it may not be activated for your organisation.
  • After downloading your report: The finished PDF or Word document is a snapshot of the data at the time of generation. If data changes after the report is generated, you will need to create a new report to capture the updated information. Reports cannot be regenerated or edited in place.

Tips & common pitfalls

Heads up: Report generation happens in the background and is not instant. After clicking Save, your report will show "Initialized" or "Running" with a spinner. Do not click the Files tab immediately — the files will not be there yet. Wait until the spinner disappears and the Files column shows the full count.
Heads up: If the Save button appears to do nothing or the screen briefly flashes an error, check for incomplete filter rows inside the Element Cards. A filter row must have all three parts filled in (field, operator, and value). If any part is missing, the card border turns red — complete or delete the row and try saving again.
  • Required fields only reveal themselves after a failed save. The Organisation, Element Types, and Languages fields are all mandatory for Individual Reports, but they are not visually marked as required until you try to save with them empty. If your save fails, check these three fields first.
  • Removing an element type deletes its filters silently. If you spend time configuring detailed filters inside an Element Card and then remove that element type from the selector above, all your filter work is lost. Re-adding the element type starts the card fresh. Configure your element types and filters in the right order to avoid rework.
  • Language count sets expectations. The Files column (e.g. "1 / 3") tells you how many of the expected language files are ready. The denominator is the number of languages you chose at creation time. If you selected three languages, three separate documents will be produced. This is by design — each language generates its own file.
  • The Template dropdown is disabled by design. The "Priverion Base Template" option in the Individual Report form looks like a selector but cannot be changed. Custom template support is on the roadmap but not yet available. This is not a bug.
  • Compliance Reports are currently ISO 27001 and Word only. If your audit requires a different standard or a PDF output, you will need to use an Individual Report or export your data through another channel.


Was this article helpful?

English
Powered by Product Fruits