Privacy and Security Impact Assessments

The purpose of a Privacy and Security Impact Assessment (PSIA) is to identify potential privacy and security risks of new or redesigned university business processes or services which use personal or other sensitive information and identify risk mitigation strategies to help Information Stewards decide whether to proceed.

PSIAs are filled out by individuals or units investigating or implementing new or redesigned processes or services, are reviewed by the Privacy Officer and the Information Security Officer, and finally reside with the relevant Information Steward(s).

To determine whether your initiative requires a full PSIA, please fill out the questions on this form.