Risk assessment made simple

Follow the ENISA methodology to evaluate breach severity. Select the data type, choose scores, and capture your reasoning. Then download a polished PDF report. See the ENISA report for full guidance.

Data Processing Context (DPC)

DPC represents the type of data involved in the breach.

Select the data type:

Score	Description

Explain your DPC choice:

Ease of Identification (EI)

How easily an individual can be identified from the breached data.

Score	Description

Explain your EI score:

Loss of Confidentiality

This evaluates the extent of data disclosure.

Score	Description

Explain your Confidentiality score:

Loss of Integrity

This measures if and how the data has been altered.

Score	Description

Explain your Integrity score:

Loss of Availability

This examines whether data can be accessed when needed.

Score	Description

Explain your Availability score:

Malicious Intent

This evaluates whether the breach was accidental or intentional.

Score	Description

Explain your Malicious Intent score:

Risk Summary

Criterion	Score	Description	Comment