What is a Privacy Impact an Information Governance Risk Assessment?
An Information Governance Risk Assessment (
...
IGRA) is a tool to identify and manage risk to information.
IGRA stands for Information Governance Risk Assessment. The purpose of an IGRA is to identify and manage risk to information, it has two elements:
- Understanding and controlling information security risks
- Understanding and controlling privacy risks where personal data is processed
The process can be initiated by any RoS colleague on behalf of the RoS Information Asset Owner (IAO). It allows the IAO to understand the risks arising from a proposal and to agree on any controls they wish put in place to manage that risk.
...