Course Release Date: June 4, 2021

D231 - Mitigating Risks

Approximate Length – 60 Minutes

Intended Audience – Privacy Engineers and other Privacy Professionals, Software Developers, Managers, Architects and Engineers.

Lesson Description

Which privacy controls should be applied to which privacy risks? With so many risks and controls to consider, it can be difficult to know which approach to take in any given situation. By mapping the privacy controls included in the Hoepman Privacy Design Strategies to some of the major risk factors included in the Factors Analysis of Information Risk (FAIR) model, and further breaking down how to apply these controls to a threat landscape, this course demystifies the art of matching control to risk.

Learning Areas

  • Mapping Privacy Controls to Privacy Risks
  • Applying Privacy Controls to a Threat Model

Lesson Objectives

Upon completion of this course, students should understand the relationship between the Hoepman Privacy Design Strategies and the Factors Analysis of Information Risk (FAIR) model, how to apply the controls described in the former to the risks described in the latter, and how to use these controls to approach a threat landscape.

This lesson will prepare designers and developers to create interfaces purposefully designed not to manipulate users.