A new resource is available from the Canadian Institute of Chartered Accountants (CICA) to help corporate directors understand and implement privacy initiatives within their companies.
Although it was originally developed for a Canadian audience, 20 Questions Directors Should Ask About Privacy has global appeal in its approach to helping corporate boards address the growing demands for consumer privacy.
The document was developed by CICA's Information Technology Advisory Committee in response to the new Personal Information Protection and Electronic Documents Act enacted by the Canadian government to protect privacy rights of individuals with respect to the collection, use, disclosure and retention of their personal information.
The brochure points out the benefits of board members taking explicit responsibility for assessing the significance of privacy risk, and offers guidance for conducting a privacy risk assessment.
This brochure highlights key questions directors should ask management with the aim of understanding privacy risk, implementing a privacy compliance regime, managing privacy risk and obtaining privacy assurance.