[Updated! Originally published 2017 September 9] There is a ton of free material in the Internet describing the Data Privacy Impact Assessments (DPIA) process. Some fine examples include: UK ICO's " Conducting Privacy Impact Assessment- Code of Practice Article 29 Data Protection Working Party's " Guidelines on Data Protection Impact Assessment (DPIA) France's CNIL's PIA Manual 1 - Methodology (how to carry out a PIA) ; PIA Manual 2 - Tools (templates and knowledge bases) , and PIA Manual 3 - Good Practices When I actually tried to perform my first DPIA (also called "Data Protection Impact Assessments"), I struggled because the templates were not particularly intuitive. I searched for real-world examples of DPIAs...and found nothing. I looked for templates that were comprehensive and straightforward...and found none. Even the three different versions of a DPIA template I received from IT Governance as part of a GDPR class and a document