This solution should be used for example in connection with legislation dealing with the protection of personal data. The risk register covers the life cycle of each identified risk - acquisition, categorization, impact analysis, design, implementation and follow-up of adopted measures, regular revisions of risk.
A clear risk card is available. For example, the Data Protection Officer (DPO) may have an overview of the state of action taken, the compliance check and audit records. The management would welcome the complete documentation for the decision on the proposed measures, overview of the amount of solved risks, documents for evaluation of work and monitoring of deadlines.