Conducting Audits and Assessments of Data Privacy Regulations

8109 Concord Rd,Brentwood TN 37027

17 November, 2022

Description

Join the ISACA Middle Tennessee Chapter and the Nashville IIA Chapter for a presentation on Conducting Audits and Assessments of Data Privacy Regulations on Thursday, November 17, 2022 from 1:00 - 5:00PM CST. Event Summary: Organizations are under extraordinary pressure to identify and implement solutions to address data privacy regulatory requirements. This seminar provides an in depth understanding of the data privacy regulations and alternative implementation solutions. The focus of the seminar is to provide proven approaches on conducting audits and assessments of data privacy regulations within your organization. From this seminar, an auditor will be able to assess the risks taken by their organization based on their project implementation strategies and understand how to construct the compliance tests necessary to yield the most compelling audit issues. The presentation will provide working industry examples of how to implement solutions that allows the participants to effectively evaluate the various types of solutions that may have been used within their organization. Seminar Outline: Common components and required project initiatives across privacy and data protection regulations Understanding whether the organization is in scopeIdentifying the business processes which are in scopeEstablishing a mapping of personal data to business processesMechanisms to disclose personal data which is collected, stored, processed, and sharedMechanisms to receive, track, and process data subject access rights requestsData breach handlingLatest state and federal government privacy and cybersecurity regulations Understanding their impactsImplementation requirementsConducting a post-implementation audit & assessment of the California Consumer Privacy Act (CCPA) What is personal information within CCPAWho is in scopeDisclosure requirementsRight to accessRight to deletionConducting a GDPR post-implementation audit & assessment Understanding and auditing the required components record of processing activities (Article 30)Evaluating whether proper disclosures have been established for types of data subjects which meets Article 13 & 14 disclosure requirementsUnderstanding the alternative approaches for Article 6 – lawfulness of processingAuditing and assessing the buildout and operationalization of Data Subject Access Rights (DSAR) requestsAssessing the Processor GDPR Business integration and compliance validationEvaluating mechanisms used to meet Article 32 requirementsIf you have questions before the meeting, please send them to Programs Director, Aaron Smith ([email protected]). Speaker: Mitchell Levine, CISA, is the founder of Audit Serve, Inc. which was established in 1990. For the last 30 years at Audit Serve, Mr. Levine has split his time between traditional IT & integrated audit consulting projects and global project initiatives. For the past eight years, Mr. Levine has been focusing more than half of his time on data privacy regulatory implementation consulting projects which included HIPAA, Hitech, GDPR, CCPA, and Part 500 Cybersecurity. Mr. Levine spends 220+ days per year consulting which is the basis for the materials included in the seminars he teaches. Over the past six years, Mr. Levine has presented over 70 seminars to eighteen different ISACA & IIA chapters. Mr. Levine also was the primary writer and editor of Audit Vision which is published monthly and has a subscription base of over 3,500 audit and security professionals. Prior to establishing Audit Serve, Inc. in 1990, Mr. Levine was an IT Audit Manager at Citicorp where his duties included management a team of IT Auditors who were responsible for auditing 25+ service bureaus and the corporate financial systems. Date/Time: Thursday, November 17, 2022 from 1:00 - 5:00PM CST Location/Delivery: The presentation will be in the Meeting Room at the John P. Holt Brentwood Public Library. The address is 8109 Concord Rd, Brentwood, TN 37027. NOTE: This event is not a Brentwood Library program. Light snacks and refreshments will be provided. Prerequisites: None Program Field of Study: Auditing Program Level: Basic/Beginner CPE Credits & Field of Study: Up to four (4) hours of credit will be issued. The Middle Tennessee Chapter of ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org.