You are required to carry out Data Protection Impact Assessments (DPIA) under certain conditions, and it is considered a good practice to do in any case. One advantage of integrating DPIA’s into standard operating procedure is the level of information and important record keeping that is generated as a natural outcome of the process.
UKGDPR create a custom work-flow procedure with OneTrust software that integrates the required roles and streamlines the entire process. So now, your subject matter experts can complete their section,and hand over to legal, who then hands on to IT, etc. Risks in the processing activity are flagged and put into a register to manage. Alternatively, for smaller companies, we can set up a work-flow using simple Excel spreadsheets.