Inside LiveChat

How to Survive Risk Assessment: LiveChat Tips and Tricks

Malgorzata Sikora
6 min read
Jul 1, 2020
  • Post on Twitter
  • Share on Facebook
  • Post on LinkedIn
  • Post on Reddit
  • Copy link to clipboard
    Link copied to clipboard

If you’re here, most likely you have an interest in best practices for the management of legal documents. You may wonder if all these compliance documents, NDAs, DPAs, and SLAs provide risk for your business and the data processing it does. Regardless of your location, there are laws and international standards that require you to be aware of your data processing and how it relates to the potential for losing that data. To make it easy for you to understand, we’ll go through this topic together in a question and answer format. 

1. What is a risk assessment? 

First of all, any risk assessment is a process organized around analysis of what happens if anything in your processes goes wrong. In other words, it’s a process focused on conducting in-depth checks and controls over your system. Those systems could be your data flow in the company, your implementation of new software, or your internal product check.

Each risk assessment has its own goal which you should be aware of before you start working on it. The goal could be, for example, a GDPR-related data flow assessment. However, you may wish to have an assessment with numerous goals. It’s up to you and specifics related to your business. 

2. Why should I care?

Well, first of all, to have any well-maintained business, especially if we are talking about online-related industries, keeping an eye on your processes and safety is a must. Furthermore, in case you have any safety issues related to data loss, it’s easier to try to improve if you invest in risk assessment. A risk assessment shows how you performed the assessment and, potentially, proves that it needs to be improved. At LiveChat, we run risk assessments and update them on a regular basis. That helps us to be ready so that we can respond quickly when an incident occurs. It also gives us an overview of what we have in our system and data flow, but more about us later on. 

3. How to start? What should be in my risk assessment? 

First of all, you should try to answer the following questions:

4. What’s next? How should it be written down? 

It sounds like a lot to do, but don’t panic. It’s not that hard. Start with clear divisions and methodology. Look at the example we used, and try to make it work for your use case. At LiveChat, we process different categories of data. 

Then just follow in the same pattern answering those questions you read about above. Don’t be afraid to make statements, and use documentation you already have to support it. For example, you can use your Privacy Policy to check what security measures you have already implemented. Look for internal data flow documents inside different teams to map risks within categories of data and mitigations. 

TIP: If doing it in order is too much to start with, try to do a mind map or just write down all you know, and then try to categorize it all. 

5. Who is the best person in the company to ask for an assessment?

Usually, its different teams in your company working together. It’s always a good idea to choose a leader who has a good overview of the company. To make a good risk assessment you don’t need tons of legal knowledge, but you have to know your business and your company well!

6. I use LiveChat. Should I mention that in our risk assessment? Is it safe from the perspective of risks and mitigations to use our products?

The only right answer is yes. At LiveChat, we’ve invested a lot of time and experience in safety standards. You can feel safe that once you share your data with us, we keep an eye on it. Also, if you wish to check and see if we meet your standards (of course, after you have your own risk assessment done), you can check the information below:

Risk assessment template

Risk Assessment is a useful tool to track your data processing, but we know that it may be a challenge. That’s why we’ve prepared a sample document for you with an explanation on how to start with your own risk assessment. Check out our template here.