Skip to Main Content
Lockdown learning: get 20% off July and August training dates, plus all distance learning training courses! Find out more
The Data Protection Impact Assessment (DPIA) Tool helps organisations determine whether a DPIA should be conducted to meet the requirements of the GDPR.


SKU: 5061
Publishers: Vigilant Software
Format: DPIA Tool Single User (Annual)
Availability: Available

Speed up and simplify the DPIA (data protection impact assessment) process and ensure compliance with a key GDPR requirement.

Request a demo


Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

This is a subscription product that auto-renews in line with our T&Cs.

Price: 565,00 €
ex VAT


The Data Protection Impact Assessment (DPIA) Tool helps organisations determine whether a DPIA should be conducted to meet the requirements of the EU GDPR (General Data Protection Regulation).

A DPIA (data protection impact assessment) is required if a process is likely to result in a high risk to the rights and freedoms of data subjects – any natural person (i.e. a living individual) whose personal data is processed by the organisation. Data subjects might be employees, contractors, etc., as well as customers.

This particularly includes activities that involve:

  • Using automation to make decisions that could significantly affect an individual;
  • Large-scale processing of sensitive data (health data, political views, sexuality, etc.); and
  • Monitoring public areas on a large scale.

When should a DPIA be conducted?

Most supervisory authority's across the EU require a DPIA to be conducted for any processes that:

  • Involve the use of new technologies;
  • Use profiling or sensitive data to decide on access to services;
  • Involve profiling individuals on a large scale;
  • Involve biometric data;
  • Involve genetic data;
  • Match data or combine data sets from different sources;
  • Involve ‘invisible processing’;
  • Involve tracking individuals’ location or behaviour;
  • Involve profiling children or targeting marketing and online services at children; and
  • Involve data that might endanger the individual’s physical health or safety in the event of a security breach.

If an organisation is running any process that matches these descriptions, it must conduct a DPIA.

DPIAs are important tools for accountability. They not only help controllers comply with the GDPR’s requirements but also demonstrate that appropriate measures have been taken to ensure that compliance.

How will the DPIA tool help you?

  • Simplifies and speeds up the entire DPIA process.
  • Ensures your DPIA process meets the supervisory authority's’s requirements.
  • Helps you create a DPIA process and define the scope of the DPIA.
  • Produces a consistent approach for every DPIA.
  • Gives you the ability to share DPIA results with key stakeholders and the supervisory authority.
  • Generates accurate reports on each DPIA conducted.
  • Enables you to export the results of each DPIA.

Watch our quick preview video to learn more about the DPIA Tool and how it can help you and your organisation.

Key Features

Simple and efficient

  • Quickly determine whether a DPIA is required.
  • The built-in wizard guides you through each step of the process to assess asset-based risks.
  • Easier to use than a spreadsheet.

Aligned with the GDPR

Aligned with guidance from both the supervisory authority and the WP29 (Article 29 Working Party – replaced by the EDPB (European Data Protection Board)), the DPIA Tool helps organisations meet the requirements of Article 35 of the GDPR. Controllers can demonstrate that appropriate measures have been undertaken to ensure GDPR compliance.

Standardised procedure

  • Conduct a comprehensive DPIA following a consistent approach across all processing activities.
  • Identify risks and devise how likely they are to occur and what impact they would have.

Easy to share

Easily share information with key stakeholders and your supervisory authority.

Review, update and maintain

Easily review and update a DPIA whenever a change occurs in the processing activity.

Integrates with other CyberComply products

The DPIA Tool integrates with Compliance Manager and the Data Flow Mapping Tool, giving you full visibility of your compliance progress.

Technical specifications

  • Hosted on CyberComply, Vigilant Software’s online cyber security and compliance platform.
  • An Internet connection and a compatible browser are required – the latest version of Chrome, Edge, Firefox or Internet Explorer.
  • Available on an annual subscription basis.
  • Licensed for up to five users.
  • Supported by Microsoft Azure data centres, which have industry-leading security measures and policies.
  • Includes regular updates to content and functionality.

Additional information

Offered on an annual licence basis. An invoice will be raised each year so that you can continue to benefit from updates and unlimited technical support.

The DPIA Tool can be integrated with other products on the CyberComply platform, including Compliance Manager and the Data Flow Mapping Tool. Purchasing all three products allows users to easily track their compliance project and apply the appropriate controls from the GDPR.

The integration clearly displays which controls have been applied to processes and which processes are governed by specific regulatory or statutory requirements.

Request a free demo

If you would like a free demonstration of the DPIA Tool please get in touch. Please note that demos are hosted by Vigilant Software, a subsidiary of IT Governance. A member of their team will in contact to arrange this

Request a demo

Customer Reviews

(0# of Ratings:)
This website uses cookies. View our cookie policy.