|
Our audit and compliance services include:
-
Review, audit, gap analysis and assessment, and compliance audit reports
for records and information management systems, security, privacy, and retention programs.
-
Development of documented programs, policies,
and procedures for
the retention, disposition, security and privacy of corporate information.
-
Review, analysis, and recommendations for
software and systems to automate how paper and electronic information is
managed and monitor and document compliance with regulations for access,
retention, and disposition of information assets.
-
Development and delivery of staff training for
new programs and policies.
Compliance Reviews and
Audits
Numerous US federal, state, and
international laws create compliance obligations for documentation, retention,
collection of personal information, secure storage and destruction of information, and
the management of corporate
information assets. Some requirements include SEC and audit
requirements for public entities; discovery disclosures and timelines; privacy
policy notifications; international, FTC and HIPAA requirements for
documented and monitored security and privacy programs that ensure personally identifiable information
about employees and customers is securely stored and destroyed; and
reporting requirements if security measures are breached.
Compliance/performance audits
need to be performed each year to monitor and meet requirements
for existing
security, privacy, and retention/disposal programs. Legal requirements need to be
reviewed and updated every 1-3 years to ensure compliance with current legal
requirements for the retention, destruction, privacy, and security of
information. Our
reviews include:
-
Analysis of existing
information systems (paper and electronic), documentation, policies, and procedures.
-
Identification of legal
and regulatory requirements as well as industry standards such as PCI that
create compliance requirements for documentation, privacy, security,
storage, retention,
and destruction of
information.
-
Audit report
including gap analysis, assessment and a straight forward roadmap and work plan to achieve
compliance.
For
more information
please contact
Denise Simons by:
E-mail: dsimons@haystackassociates.com
Phone: (253) 631-1509
|
