Today, more than ever before, it is critical for organizations of every size to have comprehensive programs to address the collection, usage, retention, or disclosure of personally identifiable information about customers and employees. Equally critical is the ongoing assessment and evolution of these programs.
The AICPA Privacy Principles Scoreboard tool will help organizations and the CPAs that serve them attain best practices in the assessment and management of privacy. This downloadable software tool is available in both a single organization use option (for internal use in privacy assessment and management within a company or a firm) and a client engagement option (for use in performing up to five client engagements using the software). The software can be used for privacy risk and maturity assessments as well as examining and reporting on internal controls over privacy at a service organization pursuant to AICPA's Service Organizational Control (SOC) Reports SM. Operational or compliance controls addressed in the SOC guidance generally relate to the security, availability, or processing integrity of a system or the confidentiality or privacy of the information processed by that system.
This new software tool provides:
Privacy Principles Scoreboard is based on the Generally Accepted Privacy Principles (GAPP) framework which allows consideration of best practices when evaluating risk and maturity. GAPP developed by the AICPA and CICA compartmentalizes complex privacy elements into 10 privacy principles that offer the basis to implementing effective management of privacy risk and compliance in an organization. GAPP also serves as the basis of the Privacy Risk Assessment and Privacy Maturity Model.
Collaboration support: Because effective assessment and management of privacy issues is often aided by input from multiple sources, Privacy Principles Scoreboard allows for the compilation of individual assessments from up to 10 contributors to any single organization's assessment.
Robust reporting options: Create reports by principle or criteria, or both, to support organizational benchmarking and the creation and management of effective privacy programs. Heat map reports facilitate the prioritization of risk mitigation in terms of relative cost/ effort to mitigate versus likelihood of control failure. Generate reports on privacy risk and privacy maturity individually or in comparison to each other and run reports of assessments collectively, or by assessor.
Easy access: Downloaded and installed directly on your desktop or laptop device without further connection to the Internet to use. Data entered in the tool will be stored on the users system.
An ideal resource for anyone who:
Oversees, manages, or implements privacy or risk and compliance programs
Assesses or audits privacy or risk and compliance programs
Consults with organizations on privacy issues
Licenses are available for broader use, including an unlimited engagements option. Contact the licensing team to learn more about this option.
IMTA Section Members and CITP credential holders qualify for a special price of $99 for Single Organization Use (#PPS12S) or $350 for Client Engagement Use (#PPS512S)! When you log into this website with your AICPA member user account, the section discount will be automatically applied during checkout. Click here for additional privacy resources and information.