X9 X9.99-2009 (R2020) Financial Services-Privacy Impact Assessment (Identical to ISO 22307-2008)

standard by Accredited Standards Committee X9 Incorporated, 08/17/2009

Full Description

X9.99-2009 (R2020) recognizes that a privacy impact assessment (PIA) is an important financial services and banking management tool to be used within an organization, or by "contracted" third parties, to identify and mitigate privacy issues and risks associated with processing consumer data using automated, networked information systems. This International Standarddescribes the privacy impact assessment activity in general,defines the common and required components of a privacy impact assessment, regardless of business systems affecting financial institutions, and provides informative guidance to educate the reader on privacy impact assessments.

A privacy compliance audit differs from a privacy impact assessment in that the compliance audit determines an institution's current level of compliance with the law and identifies steps to avoid future non-compliance with the law. While there are similarities between privacy impact assessments and privacy compliance audits in that they use some of the same skills and that they are tools used to avoid breaches of privacy, the primary concern of a compliance audit is simply to meet the requirements of the law, whereas a privacy impact assessment is intended to investigate further in order to identify ways to safeguard privacy optimally.

Product Details

Published: 08/17/2009 ANSI: ANSI Approved Number of Pages: 36 File Size: 1 file , 380 KB Same As: ISO 22307:2008