- From: Harshvardhan J. Pandit <me@harshp.com>
- Date: Tue, 24 May 2022 18:37:36 +0100
- To: Data Privacy Vocabularies and Controls Community Group <public-dpvcg@w3.org>
Hello. Please see a proposal discussing documenting DPIA information using DPV terms. repo: https://github.com/coolharsh55/dpv-dpia summary: https://harshp.com/dpv-dpia/ draft paper: https://harshp.com/dpv-dpia/paper/paper.html I only realise now that I haven't clearly indicated that the DPIA reuses DPV concepts, e.g. Purpose, PersonalData, DataController and so on. I'm working on better documentation, adding more concepts for risks, mitigations, and impacts, etc. But the basic structure of proposal is as I'm sharing now. --- Risks --- There's a separate risk ontology based on ISO 31K family (https://github.com/coolharsh55/riskonto) that is also work in progress for risk related concept, and it will be aligned with DPIA and DPV in terms of risk, mitigation, consequence, and impact. Whether we want to include basic concepts such as Risk Levels, Severity, Likelihood, in DPV (main), or extension, or keep this entirely separate is for discussion. I've intentionally kept the risk ontology as lightweight as possible, but there are lots more that could be modelled (see https://github.com/coolharsh55/riskonto/blob/master/riskos.ttl) Regards, -- --- Harshvardhan J. Pandit, Ph.D Research Fellow ADAPT Centre, Trinity College Dublin https://harshp.com/
Received on Tuesday, 24 May 2022 17:37:04 UTC