Methodology & Workflow — impactassessment.eu

Audiqcer Integrated Approach

Audiqcer's methodology is unique in the Portuguese market: it combines data protection, fundamental rights and cybersecurity impact assessments in a single structured process. This integrated approach eliminates redundancies, reduces total time and cost, and ensures no obligation is overlooked at the intersection of different regulations.

7-Step Workflow

Step 1

Initial Diagnosis

Organisation mapping, information systems, data processing, AI systems and ICT infrastructure. Preliminary identification of applicable regulatory obligations.

Step 2

Obligation Mapping

Detailed analysis of applicable regulations (GDPR, AI Act, NIS2, DORA, CSRD) and identification of mandatory and recommended impact assessments.

Step 3

Data Collection

Stakeholder interviews, document analysis, asset and process inventory. Structured collection of all information needed for assessments.

Step 4

Risk Assessment

Application of risk assessment methodologies appropriate to each type: likelihood and severity (DPIA), fundamental rights impact (FRIA), ICT risk (NIS2/DORA).

Step 5

Measure Identification

Definition of mitigation measures, technical and organisational controls, and prioritised action plan to reduce residual risk to acceptable levels.

Step 6

Formal Documentation

Production of formal reports (DPIA, FRIA, ICT risk assessment), risk matrix, action plan and supervisory authority documentation.

Step 7

Monitoring & Review

Establishment of periodic review cycle, monitoring indicators and update procedure when significant changes occur.

What Sets Us Apart

🔍

Audit Approach
Rigour & independence

📈

Multi-Regulation Integration
Efficiency & coverage

🎓

Certification-Oriented
Quality & recognition

Request Free Initial Diagnosis

The first step is always a diagnosis. No commitment, no cost.

Get in Touch

Request a free assessment or ask us about regulatory impact assessments.

Contact

Email: info@impactassessment.eu

Phone: (+351) 285 107 010