{"id":600,"date":"2012-03-22T14:34:02","date_gmt":"2012-03-22T12:34:02","guid":{"rendered":"http:\/\/saisa.eu\/blogs\/Guidance\/?p=600"},"modified":"2012-03-30T08:55:07","modified_gmt":"2012-03-30T05:55:07","slug":"privacy-maturity-model-pmm-by-aicpacica","status":"publish","type":"post","link":"https:\/\/saisa.eu\/blogs\/Guidance\/?p=600","title":{"rendered":"Privacy Maturity Model PMM, by AICPA\/CICA"},"content":{"rendered":"<p>The AICPA\/CICA has produced <a href=\"http:\/\/www.cica.ca\/resources-and-member-benefits\/privacy-resources-for-firms-and-organizations\/item47888.aspx\">Privacy Maturity Model<\/a> (PMM).<\/p>\n<blockquote>\n<p><a href=\"http:\/\/www.cica.ca\/about-the-profession\/cica\/index.aspx\">CICA<\/a>: The Canadian Institute of Chartered Accountants (CICA) represents Canada\u2019s CA profession both nationally and internationally. The CICA is a founding member of the International Federation of Accountants (IFAC) and the Global Accounting Alliance (GAA).<\/p>\n<p><a href=\"http:\/\/www.aicpa.org\/About\/Pages\/About.aspx\">AICPA<\/a>: The American Institute of Certified Public Accountants, founded in 1887, is the world\u2019s largest association representing the accounting profession, with nearly 377,000 members in 128 countries. The AICPA sets ethical standards for the profession and U.S. auditing standards for audits of private companies, non-profit organizations and federal, state and local governments.<\/p>\n<\/blockquote>\n<p>The <a href=\"http:\/\/www.cica.ca\/service-and-products\/privacy\/docs\/item48094.pdf\">PMM<\/a> uses five maturity levels as follows:<\/p>\n<ul>\n<li>Ad hoc \u2013 procedures or processes are generally informal, incomplete, and inconsistently applied.<\/li>\n<li>Repeatable \u2013 procedures or processes exist; however, they are not fully documented and do not cover all relevant aspects.<\/li>\n<li>Defined \u2013 procedures and processes are fully documented and implemented, and cover all relevant aspects.<\/li>\n<li>Managed \u2013 reviews are conducted to assess the effectiveness of the controls in place.<\/li>\n<li>Optimized \u2013 regular review and feedback are used to ensure continuous improvement towards optimization of the given process.<\/li>\n<\/ul>\n<p>The figure below is from a <a href=\"http:\/\/jebcl.com\/symposium\/wp-content\/uploads\/2011\/08\/RGP_Privacy-2011-10-22-V2.pptx\">presentation<\/a> given at a <a href=\"http:\/\/jebcl.com\/symposium\/program\">symposium<\/a>.<\/p>\n<blockquote><p><img loading=\"lazy\" height=\"221\" alt=\"PMM\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2012\/03\/pmm.png\" width=\"438\" \/><\/p><\/blockquote>\n<p>PMM is based on Generally Accepted Privacy Principles (<a href=\"http:\/\/www.aicpa.org\/InterestAreas\/InformationTechnology\/Resources\/Privacy\/GenerallyAcceptedPrivacyPrinciples\/Pages\/default.aspx\">GAPP<\/a>) and the Capability Maturity Model (<a href=\"http:\/\/www.sse-cmm.org\/model\/model.asp\">CMM<\/a>).<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Links<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Capability_Maturity_Model_Integration\">CMMI<\/a>: Capability Maturity Model Integration (CMMI) is a process improvement approach whose goal is to help organizations improve their performance. CMMI can be used to guide process improvement across a project, a division, or an entire organization.<\/li>\n<li>CICA Privacy <a href=\"http:\/\/www.cica.ca\/resources-and-member-benefits\/privacy-resources-for-firms-and-organizations\/index.aspx\">pages<\/a>:\n<ul>\n<li>AICPA\/CICA <a href=\"http:\/\/www.cica.ca\/resources-and-member-benefits\/privacy-resources-for-firms-and-organizations\/item10752.aspx\">Privacy Risk Assessment Tool<\/a><\/li>\n<li>Records Management &#8211; Integrating Privacy Using Generally Accepted Privacy Principles<\/li>\n<li><a href=\"http:\/\/www.aicpa.org\/InterestAreas\/InformationTechnology\/Resources\/Privacy\/GenerallyAcceptedPrivacyPrinciples\/Pages\/InternationalPrivacyConcepts.aspx\">Comparison of International Privacy Concepts<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The AICPA\/CICA has produced Privacy Maturity Model (PMM). CICA: The Canadian Institute of Chartered Accountants (CICA) represents Canada\u2019s CA profession both nationally and internationally. The CICA is a founding member of the International Federation of Accountants (IFAC) and the Global &hellip; <a href=\"https:\/\/saisa.eu\/blogs\/Guidance\/?p=600\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,26,44],"tags":[],"_links":{"self":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/600"}],"collection":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=600"}],"version-history":[{"count":2,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/600\/revisions"}],"predecessor-version":[{"id":602,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/600\/revisions\/602"}],"wp:attachment":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}