💼 RA-8 Privacy Impact Assessments

ID: /frameworks/nist-sp-800-53-r5/ra/08

Description

Conduct privacy impact assessments for systems, programs, or other activities before: a. Developing or procuring information technology that processes personally identifiable information; and b. Initiating a new collection of personally identifiable information that:

Will be processed using information technology; and
Includes personally identifiable information permitting the physical or virtual (online) contacting of a specific individual, if identical questions have been posed to, or identical reporting requirements imposed on, ten or more individuals, other than agencies, instrumentalities, or employees of the federal government.

Similar

Internal
- ID: dec-c-1faeb521

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v2.0 → 💼 ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded			7		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections