Privacy on parade
As part of our series of articles for the Institute of Internal Auditors Magazine, Simon McDougall, one of the partners leading our UK Privacy practice line, looks at protecting data privacy and the usefulness of a data protection audit.
The way in which organisations manage and protect personal data has never been under such scrutiny as now. Recent actions taken in the UK by both the Information Commissioner and the FSA have highlighted the need for organisations to have robust internal controls around privacy, and Internal Audit should have a key role to play in this control framework.
So what should be the role of Internal Audit with regards to data protection? As the fines from recent breaches accumulate, and reputational damage from breaches becomes more tangible, organisations are starting to assign a value to the risk – something which previously has only been theoretical. There is no question over the need for a control framework aimed specifically at privacy and data protection, but to what extent are internal audit accommodating this into their current audit plan?
Privacy on parade (PDF, 87 KB)