Video: Walkthrough of an Organization's Confidentiality and Privacy Procedures

In this lesson, Nick Palazzolo, CPA, walks through the vital topic of an organization's confidentiality and privacy procedures. Emphasizing a practical audit-like approach, he delves into critical areas such as IT risk management, HR, and training, demonstrating how to align actual practices with documented policy requirements. Nick provides a step-by-step exploration of the pre-walkthrough preparations, actual walkthrough, and how to assess various departments like IT, HR, and potentially the sales team for handling confidential information. He discusses evaluating encryption standards, access controls, network security measures, and the importance of SOC reports in audits. The lesson zeroes in on engaging with personnel to ensure compliance and training effectiveness, documenting findings accurately, and articulating actionable recommendations for tightening security and privacy protocols in corporate settings.

"Examprep.ai helped me pass all 4 CPA exams on the first try. I highly recommend. I especially like the feedback and ratings the software provides so I know where to focus my time."

Daniel H., CPA

"I can't recommend ExamPrep.ai enough. Nick's lessons turned concepts I struggled with into strengths. I was able to pass FAR right before other exams expired!"

Andrew K, CPA

"I just want to say thank you for the great lesson videos. I couldn't stay awake through lectures of another course. After watching all your FAR lessons I was finally able to pass!"

Alyssa M., CPA Candidate

Video Transcript

Instructor: Nick Palazzolo

Nick Palazzolo is head instructor of ExamPrep.ai CPA Review. Nick's teaching style is engaging & upbeat, combining practical Big 4 tax & assurance expertise with years of 1-on-1 coaching. His lessons are concise and emphasize what you need to know to pass. Whether you're a recent grad or working full-time, we’re confident you can conquer your CPA exams with Nick’s review.

Cite this lesson

Link to this page

[[ citeExample ]]

Copy to clipboard

Copy URL to clipboard

Copy HTML to clipboard

All right, let's talk about a walkthrough of an organization's confidentiality and privacy procedures. Kind of like an audit walkthrough if you've done a walkthrough of the cash process, or AP process, or payroll process. This is a walkthrough of an organization's confidentiality and privacy procedures. This is going to walk through everything relevant to confidentiality and privacy. We're going to examine areas like IT risk management, HR, training, education. We want to compare actual practices with the documented policy requirements. We've seen this a lot as well through different, how do you prevent attacks? How do you deal with attacks and threats? The training, security a company has, all of those lessons we've seen before, and we've seen walkthroughs in various other lessons as well. First off, you start with a pre-walkthrough preparation. You review how things should be, and then eventually we'll see how things actually are. That's kind of our gap analysis. We identify key areas for review. Depends on the company. Some companies have certain departments that others don't have, and then we develop a plan. Who's going to be on the team? Who's going to be visited? Who's going to be interviewed? All that good stuff. Next up, we do a walkthrough of each department. Now, for this example, we're going to say IT risk management, the IT team, the HR team. You could add other departments to this. It's not rigid, set in stone. Maybe you want to look at the cash management team, because they are probably not the cash management team. Who would be dealing with confidential private information? Maybe the sales team. The sales team, for sure, could have a lot of confidential private information dealing with the customers. Look at how all the data is being handled and protected. Assess

Unlock the full video transcript and subtitles support with a free account!

Get more from this lesson

Create an account 7-day free trial. No credit card required.

Confidentiality, Privacy, & Incident Response

Module: 2 Concepts, 20 Videos

Confidentiality and Privacy - Overview

0:52

Introduction to Confidentiality and Privacy

2:24

Fundamentals of Encryption

3:29

Confidentiality vs. Privacy