Skip to Main Content
United Kingdom
Select regional store:
Get 25% off training for life with the IT Governance Rewards Club. Book a selected classroom or live online course today to qualify!
The Data Protection Impact Assessment (DPIA) Tool helps organisations determine whether a DPIA should be conducted to meet the requirements of the EU GDPR


SKU: 5061
Publishers: Vigilant Software
Format: DPIA Tool Single User (Annual Subscription)
Availability: Available
Format: DPIA Tool Multi-user (Annual Subscription)
Format: DPIA Tool Single User (Monthly Subscription)
Format: DPIA Tool Multi-user (Monthly Subscription)

Identify your risks, measure their likelihood and assess the impact with our DPIA (data protection impact assessment) tool.

If your processes are putting your data subjects’ rights at risk, then you may need to conduct a DPIA. Our easy-to-use tool will help you quickly determine if you need to conduct an assessment and will streamline the process should you need one.

Aligned with the GDPR, this comprehensive tool simplifies the risk assessment process, so you can review, update and maintain your DPIA whenever needed.

Take the hassle out of purchasing with our new subscription pricing. For as little as £49.95 a month, you can now achieve compliance for less. Plus, you can easily manage your subscriptions, view your payments and check and upcoming bills in your Account area. And don’t worry, you can cancel anytime so you can benefit from this product for as long or as little as you need.

 Purchase the DPIA Tool today and save 10% for the lifetime of your subscription. Hurry, offer ends 31 January! (T&Cs apply)

Price: £49.95
ex vat


The Data Protection Impact Assessment (DPIA) Tool helps organisations determine whether a DPIA should be conducted to meet the requirements of the EU GDPR (General Data Protection Regulation).

A DPIA (data protection impact assessment) is required if a process is likely to result in a high risk to the rights and freedoms of data subjects – any natural person (i.e. a living individual) whose personal data is processed by the organisation. Data subjects might be employees, contractors, etc., as well as customers.

This particularly includes activities that involve:

  • Using automation to make decisions that could significantly affect an individual;
  • Large-scale processing of sensitive data (health data, political views, sexuality, etc.); and
  • Monitoring public areas on a large scale.

When should a DPIA be conducted?

In the UK, the supervisory authority is the ICO (Information Commissioner’s Office). The ICO requires a DPIA to be conducted for any processes that:

  • Involve the use of new technologies;
  • Use profiling or sensitive data to decide on access to services;
  • Involve profiling individuals on a large scale;
  • Involve biometric data;
  • Involve genetic data;
  • Match data or combine data sets from different sources;
  • Involve ‘invisible processing’;
  • Involve tracking individuals’ location or behaviour;
  • Involve profiling children or targeting marketing and online services at children; and
  • Involve data that might endanger the individual’s physical health or safety in the event of a security breach.

If an organisation is running any process that matches these descriptions, it must conduct a DPIA.

DPIAs are important tools for accountability. They not only help controllers comply with the GDPR’s requirements but also demonstrate that appropriate measures have been taken to ensure that compliance.

How will the DPIA tool help you?

  • Simplifies and speeds up the entire DPIA process.
  • Ensures your DPIA process meets the ICO’s requirements.
  • Helps you create a DPIA process and define the scope of the DPIA.
  • Produces a consistent approach for every DPIA.
  • Gives you the ability to share DPIA results with key stakeholders and the ICO.
  • Generates accurate reports on each DPIA conducted.
  • Enables you to export the results of each DPIA.

Watch our quick preview video to learn more about the DPIA Tool and how it can help you and your organisation.

Key Features

Simple and efficient

  • Quickly determine whether a DPIA is required.
  • The built-in wizard guides you through each step of the process to assess asset-based risks.
  • Easier to use than a spreadsheet.

Aligned with the GDPR

Aligned with guidance from both the ICO (Information Commissioner’s Office) and the WP29 (Article 29 Working Party – replaced by the EDPB (European Data Protection Board)), the DPIA Tool helps organisations meet the requirements of Article 35 of the GDPR. Controllers can demonstrate that appropriate measures have been undertaken to ensure GDPR compliance.

Standardised procedure

  • Conduct a comprehensive DPIA following a consistent approach across all processing activities.
  • Identify risks and devise how likely they are to occur and what impact they would have.

Easy to share

Easily share information with key stakeholders and your supervisory authority.

Review, update and maintain

Easily review and update a DPIA whenever a change occurs in the processing activity.

Integrates with other CyberComply products

The DPIA Tool integrates with Compliance Manager and the Data Flow Mapping Tool, giving you full visibility of your compliance progress.

Technical specifications

  • Hosted on CyberComply, Vigilant Software’s online cyber security and compliance platform.
  • An Internet connection and a compatible browser are required – the latest version of Chrome, Edge, Firefox or Internet Explorer.
  • Available on an annual subscription basis.
  • Licensed for up to five users.
  • Supported by Microsoft Azure data centres, which have industry-leading security measures and policies.
  • Includes regular updates to content and functionality.

Additional information

Offered on an annual licence basis. An invoice will be raised each year so that you can continue to benefit from updates and unlimited technical support.

The DPIA Tool can be integrated with other products on the CyberComply platform, including Compliance Manager and the Data Flow Mapping Tool. Purchasing all three products allows users to easily track their compliance project and apply the appropriate controls from the GDPR.

The integration clearly displays which controls have been applied to processes and which processes are governed by specific regulatory or statutory requirements.

Request a free demo

If you would like a free demonstration of the DPIA Tool please get in touch. Please note that demos are hosted by Vigilant Software, a subsidiary of IT Governance. A member of their team will in contact to arrange this.

Request a demo

Customer Reviews

This website uses cookies. View our cookie policy