Confidential Data Exposure Assessment
1. Project / System Information
Project/System Name:
Assessment Date:
Assessor Name(s):
2. Data Inventory
Type of Confidential Data
Location (System/Database/File)
Data Owner
Volume
Comments
3. Data Flow & Access
Describe how confidential data enters, moves through, and exits the system:
Who has access to this data, and how is access controlled?
4. Exposure Risks
Risk Description
Likelihood (Low/Med/High)
Impact (Low/Med/High)
Existing Controls
Additional Mitigations Needed
5. Summary & Recommendations
Summary of Findings:
Recommendations: