ARETE - Assessment of Risk to individuals of pErsonal daTa brEaches

ARETE is the first edition of the Assessment of Risk to individuals of pErsonal daTa brEaches (ARETE) training exercise. Building on the success of the PATRICIA I, II and III exercises, and the Data Breach Awareness campaign, it is the latest initiative in a series dedicated to improving data breach preparedness and risk assessment capabilities. 

The training will take place on 30 June 2026 in Brussels and is focusing on strengthening participants’ ability to identify, model and assess the risks arising from personal data breaches towards the concerned individuals and their fundamental rights. 

The training which is addressed specifically to EU institutions, Bodies and Agencies (EUIBAs), aims to increase awareness and provide practical knowledge and understanding of risk assessment practices in the context of data breaches. It  is open to a range of professional profiles, including Data Protection Officers (DPOs), data controllers, IT and compliance officers. 

The programme of the training combines expert led-sharing knowledge related to risk assessment with hands on learning through realistic use cases studies. Participants will explore how to identify the risks within personal data breaches and how to assess the likelihood and severity of those risks associated for different categories of data subjects. They will also have the opportunity to apply the concepts and practices presented and also navigate through the automated tool specifically designed for the exercise by conducting risk assessments on provided examples.

Participation in ARETE is limited to staff of EU institutions, Bodies and Agencies.