Published September 23, 2022 | Version 1.1
Report Open

DARE UK PRiAM Project D3 Report: Privacy Risk Framework Application Guide


This report is Deliverable 3 (D3) “PRiAM Privacy Risk Framework Application Guide” of the DARE UK PRiAM project.
The report is one in a series of four project reports, which focus on working towards standardisation of privacy risk
assessment for cross-domain access and re-use of sensitive data for research purposes. This report describes how to automate privacy risk assessment by augmenting a pre-existing cybersecurity knowledgebase with privacy risk factors and then using the combined knowledge in an ISO 27005 risk assessment process using a System Security Modelling (SSM) platform. This approach allows data governance practitioners to construct a model of a system that can be used to explore threats, risks and consequences in a transparent, repeatable and efficient way.



Files (3.5 MB)

Additional details


DARE: Creating the blueprint for a federated network of next generation, cross-council Trusted Research Environments. MC_PC_21028
UK Research and Innovation