„We are perfectly capable of assessing the risk ourselves.”
Are you sure about that?

*
Taking into account the state of the art, the cost of implementation, and the nature, scope, context, and purposes of the processing, as well as the risk of varying likelihood and severity of a breach of the rights or freedoms of natural persons, the controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, among other things, where appropriate:*Article 32 (1) as amended by correction of 23 May 2018 (EU Decree L, 2018, No 127, paragraph 2) which shall enter into force on 23 May 2018.
„We are perfectly capable of assessing the risk ourselves.”
Are you sure about that?
