All of the stakeholders in a data governance program bear responsibility for protecting the privacy of personal information under their care. In this video, you will learn about the ten principles of the generally accepted privacy principles and how data governance programs should enforce those principles.
- [Instructor] All of the stakeholders in a data governance…program, bear a responsibility for protecting the privacy…of personal information under their care.…In this video, you'll learn about the 10 principles…of the Generally Accepted Privacy Principles,…and how data governance programs…should enforce these practices.…The Generally Accepted Privacy Principles, or GAPP,…were developed through a collaboration between…four major industry organizations,…The American Institute of Certified Public Accountants,…AICPA,…The Canadian Institute of Chartered Accountants, CICA,…The Information Systems Audit and Control Association,…ISACA,…and the Institute of Internal Auditors, IIA.…
The first GAPP principle is management.…This principle states that an organization handling…private information, should have policies, procedures,…and governance structure in place…to protect the privacy of that information.…For example, as I discussed in the last video,…the organization should clearly define the roles…of data owner, data steward, and data custodian.…
Members who take all eight courses in the series will be prepared to take and pass the CISSP exam. Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage