![Page 1: New Privacy Laws - WordPress.com · 2020. 10. 21. · ID.IM-PI: Systems/products/services that process data are inventoried. Strongly Disagree ID.lM-P2: Owners or operators (e.g](https://reader035.vdocuments.us/reader035/viewer/2022071603/613ea31d69193359046d3d5e/html5/thumbnails/1.jpg)
Company Accountants Special Interest Group
New Privacy Laws
Agenda
Privacy Act 2020
Mandatory notifications for privacy breaches
Increased powers for the Privacy Commissioner
Controls on disclosure of information overseas
Criminal offences
Extra-territorial scope
Serious Harm
NIST CSF Framework
NIST Privacy Framework
Combined Frameworks
Privacy Framework Categories
Completing the Framework
Completed Framework Example
Preparation
Preparation
Roles and Responsibilities
Responding to a Privacy Breach
Self Assessment
Reporting a Breach
Financial Context
Key Findings from the CAANZ Report
• 54% were either not aware of whether their organisation had suffered an attack or thought they had not been.
• In just 8% of organisations, the CFO was responsible for the strategic direction of cyber security.
• The annual cost of cybercrime to the global economy will double from US$3 trillion in 2015 to US$6 trillion in 2021.
• Many organisations pinpoint cybercrime as one of their most significant threats.
• There are key reasons for the CFO to step up and play a leading role in cyber security.
https://www.charteredaccountantsanz.com/news-and-analysis/insights/research-and-insights/why-cfos-should-take-the-lead-on-cyber-security