close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel
IT Audit Checklist: Privacy and Data Protection

The IT Audit Checklist for Privacy and Data Protection includes:

  • 270 specific checklist items to help assess your internal audit readiness
  • Advice on assessing the robustness of privacy controls
  • Pointers on audit planning, preparation, testing, and reporting
  • Clarification on what auditors want (and don't want) to see

What Is This Paper About?

This paper supports an internal audit of the organization's regulatory, legal, contractual and reputation protection requirements to maintaining the confidentiality and integrity of sensitive information related to itself, employees, customers, business partners, and other entities.

The paper includes advice on assessing the robustness of privacy controls; guidance on how management and auditors support privacy policies and procedures; and information on ensuring continual improvement of privacy practices.

Authors

Paul Love, CISSP, CISA, CISM, Security+, has been in the IT and Information Security field for over 15 years. Paul holds a Master of Science degree in Network Security and a Bachelor’s degree in Information Systems. He has co-authored three books, contributed to multiple other Linux and Unix books, and has been the technical editor for over 10 best selling Linux and Unix books. Paul is currently the Director of Information Security at a large financial services firm.

Dan Swanson, CMA, CIA, CISA, CISSP, CAP, is a 26-year internal audit veteran and former director of professional practices at the Institute of Internal Auditors. Swanson has completed internal audit projects for more than 30 different organizations, spending almost 10 years in government auditing, at the federal, provincial, and municipal levels, and the rest in the private sector, mainly in the financial services, transportation, and health sectors.

He has completed more than 50 IT conversion audits and a dozen comprehensive audits of the information technology function. The author of more than 150 articles on internal auditing and other management practices, Swanson is currently a freelance writer and health information security officer during the day. He can be reached via email at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Series Editor: Cass Brewer

it audit checklist download link
downloadkey-mo

library
Comments
RSS
Only registered users can write comments!

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."