A Data Protection Impact Assessment is a requirement of the GDPR. It is a risk assessment audit that companies can do to determine where they may have issues that could lead to data breaches and other security issues. A DPIA will look at the processes a company has in place for collecting, processing, sharing, storing and using personal information and look for any privacy risks that there may be so that they can be resolved and minimized.