All of the stakeholders in a data governance program bear responsibility for protecting the privacy of personal information under their care. In this video, learn about the ten principles of the generally accepted privacy principles, and how data governance programs should enforce those principles.
- [Instructor] All of the stakeholders…in a data governance program bear responsibility…for protecting the privacy…of personal information under their care.…In this video, you'll learn about the 10 principles…of the Generally Accepted Privacy Principles…and how data governance programs…should enforce these practices.…The Generally Accepted Privacy Principles, or GAPP,…were developed through a collaboration…between four major industry organizations.…The American Institute of Certified Public Accountants,…AICPA,…the Canadian Institute of Chartered Accountants, CICA,…the Information Systems Audit and Control Association,…ISACA,…and the Institute of Internal Auditors, IIA.…
The first GAPP principle is management.…This principle states that an organization…handling private information should have policies,…procedures, and governance structures in place…to protect the privacy of that information.…For example, as I discussed in the last video,…the organization should clearly define the roles…of data owner, data steward, and data custodian.…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage