Abstract: A system, method and computer program product for assessing risk of a process through a set of entities identified as utilizing personal data needing protection from misuse and wrongful disclosure comprising mapping the identified process including identifying a purpose of the identified process and a sensitivity of that purpose; identifying data elements including the utilized personal data and including a volume and sensitivity of those identified data elements; identifying data types including the utilized personal data and including a volume and sensitivity of those identified data types; identifying data subjects about whom data is involved in the process including a volume and sensitivity of those identified data subjects; and identifying the set of entities involved in the process and their locations; and identifying data flows among the set of entities involved in the process; and applying a set of rules against the mapped process to provide a risk assessment of the mapped process based on the risk se

Abstract: A method (200) for assigning a key pair to an entity, such as a certification authority (CA 102), includes the following steps. A key pair is generated (210). It includes a private key and a public key which form a key pair for use in public-key cryptography. The key pair is stored (220) in a cryptographic signing unit (CSU 140). The CSU (140) is then activated (230). A request for a key pair is received (240) from the entity (102). Responsive to the request, the key pair is assigned (250) to the entity (102). In a preferred embodiment, an identifier (312) is assigned to the key pair and preferably is different from identifiers assigned to other key pairs stored in the CSU (140). The identifier (312) is then included in a digital certificate (300) issued to the entity (102).