New IIA Guidance on Auditing Privacy and Data Protection Risks

News 27/05/2026

Privacy and data protection remain at the center of today’s risk landscape. As organizations process increasing volumes of data and regulations continue to evolve worldwide, legal, operational, and reputational pressures are growing accordingly.

To support internal auditors in addressing these developments, The IIA has published new guidance focused on auditing privacy and data protection risks. The publication provides a practical and flexible audit approach for evaluating governance, accountability, and controls across the full data lifecycle.

The guidance is grounded in globally recognized privacy frameworks and can be adapted to different industries, technologies, and risk profiles.

In addition to the guidance itself, the publication includes complementary tools such as a Risk and Control Matrix and a RACI matrix developed specifically for this audit scope. These tools are intended to support scoping, testing, and documentation activities, enabling stronger assurance and more actionable insights.

The new guidance replaces Auditing Privacy Risks, originally published in 2012.

This content is exclusively available to IIA members.
