Create and answer a risk analysis – methodology, assessment and risk level
A risk analysis implements the risk-based approach of Art. 24 and 32 GDPR. preeco separates "Edit" (the methodology: events, damages with criteria, risk levels) from "Answer" (the actual assessment with probability of occurrence and severity of impact). After answering, preeco automatically computes the risk level – the highest level triggers a data protection impact assessment under Art. 35 GDPR.
A risk analysis demonstrates that the risks of a processing operation for the rights and freedoms of data subjects were assessed in a structured way – the risk-based approach of Art. 24 and 32 GDPR. preeco | data protection separates two steps: the methodology (Edit) and the actual assessment (Answer).
1. Create a risk analysis:
In the left menu under "Risks", click "Risk analyses". Via "New" you start an analysis – the easiest way is "Load from sample documents", which ships proven events, damages and risk levels.
2. Link what is assessed:
Under "General" choose the link type and "Linked to" – usually a processing activity. This anchors the assessment to the concrete operation.
3. Maintain events, damages and risk levels (Edit):
In "Events" you define risk types, each with one of the types risk matrix, rating or yes/no. Under "Damage assessment" you add damages such as discrimination and attach an event to each criterion. Each of the "Risk levels" (low, medium, high) gets a threshold.
4. Release:
After saving, you release the analysis. The "Answer" button only appears once the status is "Released".
5. Answer:
Via "Answer" you choose the probability of occurrence per event (negligible to maximum) and the severity of impact per criterion; other types are answered via rating or yes/no.
6. Result:
From the answers, preeco automatically computes the risk level and stamps "Last answered". The assessment is recorded as a revision. If the analysis reaches the highest risk level, this triggers a data protection impact assessment (DPIA) under Art. 35 GDPR.
Changes and errors may occur. The information in this article has been carefully compiled, but does not claim to be complete or correct.