This assignment is to undertake a Privacy Impact Assessment PIA on Project/Product CAT4. The
information about this project and its privacy policy can be found in https://www.pencs.com.au/. The main
purpose of this assignment is to give you an opportunity to investigate a practical project, examine its
risks in protecting data privacy by doing a data compliance analysis following attached documnet which
contains 13 APPs (Australian Privacy Principles, Page 19-27 of [2]), and finally give your
recommendations based on your understanding and knowledge learnt from this course.
Your PIA report should include 5 parts.
Describe the project (Refer to ANRDR template [3]
Map information flows (Refer to ANRDR template [3])
Privacy impact analysis and compliance check (Follow each principle in APPs [2], refer to the table and
questions in NPP-PIA-report-template [4], some example contents to be filled in the table has been
included in page 2-4 of 7905ICTassignment-2020-2 [1])
Privacy management — addressing risks and recommendations (Refer to the table in NPP-PIA-report-
template [4], page 4 of 7905ICTassignment-2020-2 [1])
Conclusion (What is this PIA about? How many risks are identified? What are the critical ones? How many
security controls were suggested?
Sample Solution
