# PIIA (SA) — Risk Assessment > Draft the risk assessment for a POPIA PIIA: analyse risks to data subjects' rights and freedoms, including harm, discrimination, and financial loss. Tags: South Africa, POPIA, PIIA, DPIA, Risk assessment, Data protection ## Example Prompts - Draft the risk assessment for our PIIA - Document risks to data subjects for this processing activity - Write the risk analysis with likelihood and severity for the impact assessment URL: https://rakenne.app/skills/piia-sa-risk-assessment/index.md Try this skill: https://rakenne.app/a/?skill=piia-sa-risk-assessment ## Overview Draft the risk assessment for a POPIA PIIA: analyse risks to data subjects' rights and freedoms, including harm, discrimination, and financial loss. ## Getting Started Add your source materials to the project workspace, then activate the *PIIA (SA) — Risk Assessment* skill. The agent will guide you through the process step by step. ## Example conversation **You:** I need the risk assessment for our PIIA—risks to data subjects with likelihood and severity. **Agent:** I’ll draft the risk assessment. I’ll list the main risks to data subjects’ rights and freedoms (e.g. breach leading to identity misuse, discrimination from profiling, financial loss from wrong payment data), rate likelihood and severity for each, and summarise in a risk register so we can map mitigations and residual risk for sign-off. ## Output excerpt | ID | Risk description | Data subjects | Likelihood | Severity | Inherent risk | |-----|-------------------------------------------|-----------------|------------|----------|----------------| | R1 | Unauthorised access to payroll/ID data | Employees | Medium | High | High | | R2 | Incorrect or outdated data affecting pay | Employees | Low | High | Medium | | R3 | Data shared with processor without safeguards | Employees | Low | Medium | Medium | **R1 — Unauthorised access:** Personal data (including ID numbers and bank details) could be exposed by breach or misuse, leading to identity theft or financial fraud. Mitigation: access controls, encryption, audit logging (see Mitigation Measures). --- Back to [Skill Library](https://rakenne.app/skills/index.md)