Managing and Auditing Privacy Risks

Management und Prüfung des Datenschutzes:

Die Veröffentlichung kann, ebenso wie weitere GTAGs, von der Website des IIA (www.theiia.org) kostenlos heruntergeladen werden.

Zum Inhalt:

One of the many challenging and formidable risk management issues faced by organizations today is protecting the privacy of customers\' and employees\' personal information. The cost from privacy breaches is increasing everyday. The organization’s customers, suppliers, and business partners want assurances that the personal information collected from them is protected and used only for the purposes for which it was originally collected.

Global Technology Audit Guide 5 \"Managing and Auditing Privacy Risks\" is intended to provide the chief audit executive (CAE), internal auditors, and management with insight into privacy risks that the organization should address when it collects, uses, retains, or discloses personal information. This guide provides an overview of key privacy frameworks which help to understand the basic concepts and aid in finding the right sources for more guidance regarding expectations and what works well in a variety of environments. It also covers the details on how internal auditors complete privacy assessments.

GTAG 5 content outline:
* What is Privacy?
* Privacy Principles and Frameworks
* Privacy Risk Management
* Privacy and Business
* Auditing Privacy
* Top 10 Privacy Questions CAEs Should Ask