# Formal Risk Review Checklist

**Process:** Nightly UK customer analytics  
**Description:** Nightly UK customer analytics: clean customers and summarise spend by region.  
**Generated:** 2026-06-24  
**Document status:** Draft — pending governance review  

> This checklist is generated by conformare from the pipeline's risk register. The pre-filled columns describe each declared risk; the **Review decision**, **Reviewer comments** and **Action & target date** columns are for the governance team to complete, followed by sign-off below.

## Summary

- **Total risks:** 3
- **Mitigated:** 2 (with a named owner: 2)
- **Unmitigated:** 1
- **Governance concern:** 1 high, 0 medium, 2 low

*Concern ranking: a risk with a declared, owned mitigation is **Low**; a mitigation without a named owner is **Medium**; no mitigation is **High**.*

## Risk register

| # | Risk ID | Category | Risk | Severity | Affected steps | Declared mitigation | Mitigation owner | Concern | Review decision | Reviewer comments | Action & target date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | `fairness.proxy_variable` | Bias / Fairness | Proxy variable | Medium | Spend by region | — | — | High | [ ] Accept [ ] Mitigate [ ] Reject |  |  |
| 2 | `privacy.pii_exposure` | Privacy | PII exposure | High | Clean customers | Mask email before any export | data-platform | Low | [ ] Accept [ ] Mitigate [ ] Reject |  |  |
| 3 | `compliance.gdpr` | Compliance | GDPR processing | High | Clean customers, Entire process | Mask email before any export; Annual DPIA on file; lawful basis documented | data-platform, data-governance | Low | [ ] Accept [ ] Mitigate [ ] Reject |  |  |

## Risk details

### 1. Proxy variable (`fairness.proxy_variable`)

*Category: Bias / Fairness · Severity: Medium · Concern: High*

A feature acts as a proxy for a protected attribute.

- **Affected steps:** Spend by region
- **Declared mitigation:** —
- **Mitigation owner:** —
- **Notes from the pipeline:**
    - Spend by region: region may proxy for a protected attribute

**Reviewer decision:** [ ] Accept [ ] Mitigate further [ ] Reject  
**Comments:** ___________________________________________  
**Responsible owner:** _______________  **Target date:** ___________  

### 2. PII exposure (`privacy.pii_exposure`)

*Category: Privacy · Severity: High · Concern: Low*

Personally identifiable information may be exposed or retained beyond need.

- **Affected steps:** Clean customers
- **Declared mitigation:** Mask email before any export
- **Mitigation owner:** data-platform
- **Notes from the pipeline:**
    - Clean customers: email retained through the pipeline

**Reviewer decision:** [ ] Accept [ ] Mitigate further [ ] Reject  
**Comments:** ___________________________________________  
**Responsible owner:** _______________  **Target date:** ___________  

### 3. GDPR processing (`compliance.gdpr`)

*Category: Compliance · Severity: High · Concern: Low*

Processing falls under GDPR; lawful basis and minimisation apply.

- **Affected steps:** Clean customers, Entire process
- **Declared mitigation:** Mask email before any export; Annual DPIA on file; lawful basis documented
- **Mitigation owner:** data-platform, data-governance
- **Notes from the pipeline:**
    - Clean customers: email retained through the pipeline

**Reviewer decision:** [ ] Accept [ ] Mitigate further [ ] Reject  
**Comments:** ___________________________________________  
**Responsible owner:** _______________  **Target date:** ___________  

## Governance review sign-off

| Reviewer (name) | Role | Overall decision | Signature | Date |
|---|---|---|---|---|
|  |  |  |  |  |
|  |  |  |  |  |

**Overall comments:**

> ______________________________________________________________
>
> ______________________________________________________________

---

*Generated by conformare on 2026-06-24. Pre-filled fields reflect the pipeline as authored; reviewer entries above are the system of record for this review.*
