>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

DM-04Personal Information Access Requests

>Control Description

In accordance with Organization policy, upon request, authenticated individuals are provided with a copy of their personal information or disclosures of their personal information in an understandable form and within the defined timeframe.

Theme

Process

Type

Preventive

Policy/Standard

Privacy Policy

>Implementation Guidance

1. Ensure that a process is defined, documented, and communicated for requesting a copy of personal information. 2. Ensure that on request a copy of personal information is provided to authenticated individuals as per the policy. 3. Ensure that the information is provided in an understandable form and in a timely manner as per the policy

>Testing Procedure

1. Inspect and validate whether a documented process is defined, and communicated for requesting a copy of personal information. 2. Validate whether on request a copy of personal information was provided to authenticated individuals. 3. Validate that the information was provided in an understandable form and in a timely manner.

>Audit Artifacts

E-PRIV-01
E-DM-07

Ask AI

Configure your API key to use AI features.