Tag Archives: GAPP
Review and Critique of Generally Accepted Privacy Principles — Part 4
March 21, 2012 – 6:00 am
2.4. GAPP Assessment Procedures
GAPP Approach: Again, the AICPA and CICA claim that each of GAPP’s 10 privacy principles is supported by “relevant, objective, complete, and measurable criteria.”
Critique: While in many cases it is obvious how an auditor should test compliance…
Review and Critique of Generally Accepted Privacy Principles — Part 3
March 19, 2012 – 6:00 am
2.3. The Structure of GAPP
Apart from the problem of how to determine the scope of personal information, GAPP faces a further problem concerning how to interpret the overall framework. In database terminology, GAPP may be thought of as a database consisting of two tables: principles and…
Review and Critique of Generally Accepted Privacy Principles — Part 2
March 5, 2012 – 6:00 am
2. Critique
2.1. GAPP’s Definition of Privacy
GAPP Approach: The AICPA and CICA define privacy as “the rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and disposal of personal information.”[1]
Critique: There are four…
Review and Critique of Generally Accepted Privacy Principles (GAPP) — Part 1
February 21, 2012 – 9:00 am
1. Overview
Service management has ITIL. Quality has ISO 9000. Information security has numerous options, including ISO/IEC 27001, COBIT, and NIST SP 800-53. What about information privacy? Many regulatory and standards organizations have adopted their own frameworks or approaches to information…