DPIAs & Risk in Keepabl

Impact Assessments are much easier in Keepabl’s awesome Assessments module, with a choice of Assessments and our unique Risk Engine powering Risk in DPIAs now, and powering our Enterprise Risk module later in the year.

Impact Assessments in Keepabl

Keepabl’s GDPR Threshold PIA is designed to help you decide whether a DPIA is needed under EU and UK GDPRs. Drawing on the UK ICO’s DPIA Guidance, and the EU’s Guidelines on Data Protection Impact Assessment (DPIA), it includes easy-to-use checklists of:

• the GDPR test for DPIAs,
• the UK ICO’s 10 DPIA Criteria,
• the EDPB’s 9 DPIA Criteria, and
• product guidance depending on your answers.

The UK ICO’s DPIA template is included as an Available Template in Keepabl, should you decide a full DPIA is needed.

We’ve fully integrated all text from the ICO’s official document (20180622 v0.4) – but replaced the ICO’s sections on Risk and Decisions with Keepabl’s own, and added our usual ‘Manage this Assessment‘ section at the top, with Contributors and Signatories, the status of the Assessment, and governing law.

We’ll be adding our own Keepabl DPIA Template shortly.

Build your own Templates

Template Builder, built on our existing Forms and launching in Q2 2025, will empower you to build any Template you wish in Keepabl, from DPIAs to AI, Transfers to Legitimate Interest, Marketing Checklists to AI Model Cards.

Keepabl’s Risk Engine

We’re excited to introduce our new Risk Engine, which fully integrates with our Assessments module, so it’s super easy to identify and manage Risk within your DPIAs and other Assessments in Keepabl.

The Risk Engine is powered by, and reflects, your own risk methodology, which you can tailor as you wish in the new Risk module. Your risk methodology will apply to all Risks in Keepabl*.

* Except for risk in our Breach module as Privacy laws, including GDPR, use risk levels such as ‘unlikely to result in a risk’ and ‘likely to result in a high risk’. Don’t blame us!

Customise your Risk Methodology

In Keepabl, the Risk Rating (or ‘level of risk’) for each risk is calculated by multiplying the likelihood that the risk might happen (L) by the severity of the impact if it does (I). This gives you the risk rating formula: R = L x I.

• Each of Likelihood and Impact are always scored on a 1 to 5 axis.
• Our default labels for these axes run from Very Low to Very High, and you can edit these to match your own risk methodology.

You can also change your interactive Risk Heat Map to meet your risk appetite.

• Select your own labels for the five categories in your Heat Map.
• Choose your own colour gradients. For example, have just 3 colours if that’s your thing.

There’s so much more in our Risk Engine:

• Threats, Vulnerabilities & Controls – Create your own library of Risk Names, Threats, Vulnerabilities and Controls for your Users to select from in Assessments, Create individually or bulk upload using our easy template.
• Risk decisions – We’ve built in the famous ‘4 T’s’ of risk decision0making: Tolerate, Treat, Transfer, and Terminate. Again, you can edit those to match your own terminology.
• Risk Treatment Plans (RTP) – Create a powerful RTP within each Risk. Set who’s in charge, the deadline, and update the status as you work through it. The RTP is fully integrated with Keepabl’s fantastic Tasks module so you can build out your RTP assigning and prioritising Tasks straight from the RTP and manage them both in the RTP and in Tasks so you never miss a thing.

Your organisation can now manage its entire risk management process in Keepabl’s auditable, collaborative, and intuitive solution.

See how Risk and Assessments are meant to be

Book your demo now and see how easy we make Assessments and have a full view of our exciting Risk Engine!