Impact, Risk and Measures

By | Monday May 25th, 2015

Regulation states that Privacy Impact Assessment is the first step of a company’s security strategy, that consequentially enhances the analysis of risks related to personal data processing and security measures adopted to protect information.

More than setting specific security measures, the Regulation requires the Controller to implement organizational and technical processes to identify, reduce and mitigate risks that threaten personal information.

Into this section you will find organizational and technical actions appropriate for the specific processing activity and assessed considering also costs of implementation.

Category: Impact, Risk and Measures

About Alessandro Vallega

He is Security Business Development Director for Oracle EMEA. He has the responsibility to lead a cross functional team on the GDPR (General Data Protection Regulation, EU 679/2016) at EMEA level (marketing, legal, sales, training, technology). He founded and coordinates an external blog on the same topic ( He has defined a European methodology to evaluate the database security degree of a data center and the advantages of identity and access management technology. He founded in 2007 the Oracle Community for Security, and in that context led the creation of several publications about security and privacy in the cloud, with mobile, in the social media, in healthcare, on return on security investments, about the role of the CISO, and how to prevent frauds. He is an author of the Italian annual ICT Security Report by CLUSIT and he is part of the CLUSIT board of directors.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.