As expectations for data privacy continue to evolve, auditors are more likely to encounter difficulties when providing assurance for compliance initiatives. Fortunately, in parts of the United States, officials have put together privacy task forces and even enacted legislation at a higher level, such as the California Consumer Privacy Act (CCPA).
While the CCPA primarily relates to the data of consumers in the US State of California, compliance with the CCPA may be required of organizations located worldwide. Its larger scope has made this law more visible in the audit community. To support compliance efforts, ISACA® has launched an audit program for assessing CCPA policies and procedures. The audit program enables auditors to evaluate the design of an entity’s CCPA practices and the effectiveness of its compliance with the CCPA.
To learn more about auditing with CCPA, visit the California Consumer Privacy Act (CCPA) Audit Program page of the ISACA website.