Privacy has become a significant business risk to organizations that collect, use, retain and disclose personally identifiable information about customers and employees. Whether it is complying with numerous privacy laws and regulations in jurisdictions where the organization does business or meeting customers’ and employees’ expectations for handling their personal information, executive management, Boards of Directors, owners, and privacy professionals are looking for guidance and tools to address this business concern.
A good first step to address privacy risks within an organization is to perform a privacy risk assessment. The AICPA/CICA Privacy Risk Assessment Tool is designed to help CPAs, CAs, management, owners, and other privacy professionals accomplish this task in an effective and comprehensive manner. The tool utilizes the ten principles and 73 criteria contained in the AICPA/CICA Generally Accepted Privacy Principles ( www.aicpa.org/privacy) or ( www.cica.ca/privacy). It provides the organization with the principles and criteria that is contained in many privacy laws and regulations worldwide including good privacy practices to benchmark against.
The Privacy Risk Assessment Tool was designed in Microsoft Excel with the intent of making it as user friendly and intuitive as possible. The User Guide will describe the features and functionality of the tool.
To get started, please download the 11 files contained in the zip file onto your c:\ drive in a folder named AICPA Privacy Tool. The User Guide will provide you with the necessary information to use the Privacy Risk Assessment Tool.
As you use and test the Tool, we are interested in your comments and suggestions relating to applicability to your business or organization, ease of use, performance, functionality, documentation, or any other recommendations you may have to change or enhance the tool.
If you would like to be added to our mailing list to receive future updates and information on the Tool, please forward your request and include your email address to privacytool@aicpa.org.
Additional privacy material and resources are available at www.aicpa.org/privacy and www.cica.ca/privacy.