AR-04-727 Privacy Monitoring and Auditing

Privacy Monitoring and Auditing

AR-04-727
Privacy Monitoring and Auditing
Accountability, Audit and Risk Management
Detect
Security Monitoring and Event Analysis
NOT SELECTED
NA
No
Critical business processes and sensitive data are compromised due to flawed monitoring and audit process.
The organization monitors and audits privacy controls and internal privacy policy [Assignment: organization-defined frequency] to ensure effective implementation.
Privacy controls are subject to periodic review and inspection by a neutral internal department or other.
No statewide control
Obtain data privacy policy and procedures; other relevant documents or records and ascertain if the organization has implemented mechanisms to monitor and audit privacy related controls and internal privacy policy on a periodic basis to ensure effective implementation.