Wednesday, December 26, 2012

Fortifying your defenses - The role of internal audit in assuring data security and privacy


Data privacy and protection is a topic of great interest and impact regardless of industry. The average loss in brand value for a company that experiences a data breach can be anywhere from $184 million to more than $330 million. It is predicted that the risk of a breach occurring will continue to increase because companies today maintain greater amounts of personal data on customers and employees than ever before, coupled with the ongoing proliferation of technology.

In our experience, every company has security controls and privacy policies, and often quite good ones. But in many instances these processes and policies are not being followed and new threats are often overlooked. In an effort to help our clients address these challenges we have introduced the concept of three lines of defense, which is not unique to data privacy and security but should be in place and operating at a robust level to deal with any critical risk to the business. In this whitepaper we give first hand testimonial from one of our clients who institutionalized these three lines of defense to assist them in mitigating their privacy and security risks.

See full Report: http://www.pwc.com/en_US/us/risk-assurance-services/publications/internal-audit-assuring-data-security-privacy.jhtml