Risk Assessment Methodology (RAM)

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Risk Assessment Methodology (RAM) provides a systematic and repeatable approach to identifying, evaluating, and mitigating privacy risks associated with data processing activities.

    RAM is central to establishing accountability in data handling practices and supports regulatory compliance by embedding risk management into daily operations. It helps privacy and compliance teams to assess data processing risks, identify exposure across systems, and implement timely strategies to reduce those risks. As organizations operate in an increasingly complex regulatory environment, the methodology confirms that risks are evaluated consistently and documented transparently.

    For information about configuring your own RAMs, see Create a Risk Assessment Methodology.

    Base Risk Assessment Methodologies

    The Privacy Management application provides the following RAMs in the Draft state:
    • Automated criticality factors
    • Criticality assessment
    • Privacy Risk Assessment
    Note:
    Starting with the Australia release, you can publish up to three Risk Assessment Methodologies.