ISACA releases white paper on GDPR compliance

ISACA has released new resources to help auditors assess and maintain General Data Protection Regulation (GDPR) compliance.

Months after the GDPR was implemented in May 2018, many auditors are still navigating the changes and working to ensure their audit programs address all the new requirements of GDPR.

To meet their needs and provide guidance and best practices, ISACA, in partnership with ACL, has released a new complimentary white paper, How to Audit GDPR.

Exploring six of GDPR’s principles — lawfulness, fairness and transparency; purpose limitations; data minimisation; accuracy; storage limitations; and integrity and confidentiality — How to Audit GDPR identifies where GDPR can be considered within an enterprise’s strategic audit plan. The white paper also compares the roles of data controller and data processor under GDPR, and it outlines the responsibilities that data controllers have in working with third-party data processors.

“Auditors play an integral role in ensuring enterprises are compliant with complex GDPR requirements,” said Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, Director of Information Security and IT Assurance at BRM Holdich and chair of ISACA’s Women’s Leadership Council.

“These new resources provide the clarity and guidance to support auditors in their efforts to build these new considerations into their annual audit plans.”

Auditors can gain additional tools and insights into the GDPR auditing process through ISACA’s new GDPR Audit Program Bundle, which is US$49 for ISACA members and US$79 for non-members and includes the following components:

• An instructional overview
• GDPR Audit Program — Enterprise: a comprehensive GDPR audit program geared primarily toward large enterprises
• GDPR Audit Program — Technical: a selection from the comprehensive program above that focuses on technical aspects of GDPR compliance
   

For more guidance and information around GDPR, including interactive learning options, resources and news, visit www.isaca.org/gdpr.

Image credit: ©Duncan Andison/Dollar Photo Club

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.