This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ivacy issues are related: audits of privacy also audit data quality and data integrity (RQ6) Unauthorized access to information could lead to unauthorized changes
Unauthorized access can also lead to privacy violations
Refer to ISACA G31
10 Parker (CK, p. 76) explains the key concepts Parker (CK, p. 76) explains the key concepts that apply to privacy audits (RQ6) Covers all 10 privacy components
At highest level of assurance
Scope matches privacy notice
Itemizes aspects that should be included in the scope of the engagement If the data that is being audited (in the privacy audit) is “commingled” then the controls over the combined data need to be audited
Considerations over time coverage are stated 11 Practice question – Group 6 Practice question – Group 6 YourTaxReturn.com, Part (3), (RQ7) This question will help us review risks for privacy and identity theft
Use the readings and the COSO principles to answer these questions 12 Control problems at all levels of the Control problems at all levels of the organization affect privacy and data quality
[Illustrates points for RQ9] The Feb. 2005 Auditor General of Canada (2005 AGR) report looked at financial systems in t...
View Full Document
This document was uploaded on 02/15/2014.
- Winter '13