Notícias

Notícias

See our news

Doubts?

What is system audit and how does it relate to LGPD?

eye-of-a-futuristic-robot

Do you know what system audit relationship with LGPD - General data protection law?

instituted by Law 13.709 of 2018 , LGPD provides for the processing of personal data, including digital media, with the objective of protecting the fundamental rights of people's freedom and privacy.

Legislation provides for a series of care and guidelines that need to be observed by companies in the storage and processing of personal data from third parties.

Since such guidelines are disrespected, the responsible undertaking is subject to the application of severe sanctions which include, among other measures:

  • WARNING;

  • fine of up to R $ 50 million;

  • Suspension of the company's activities.

    In view of this, it is essential that companies are prepared to observe and respect the determinations of LGPD, taking all care to avoid possible infractions.

    What is system audit?

    The audit of systems aims to review processes related to the IT and information security in companies.

    In this type of work, it is possible to identify security flaws and procedures that could result in unauthorized access and even in data leak and third-party information.

    In a system audit, several items are checked, among them:

    • system performance;

    • Safety in data treatment and storage;

    • privacy and access control;

    • System reliability;

    • information integrity;

    • system availability;

    • Confidentiality of stored data.

      When the subject is the safety of information in accordance with LGPD, it is worth mentioning what article 46 says of that law, see:

      "Art. 46. Treatment agents should adopt security, technical and administrative measures to protect personal data from unauthorized access and accidental or illicit situations of destruction, loss, alteration, communication or any form of inadequate or illicit treatment. " / p>

      Types of audit in companies

      You have already realized that the audit has a key role to ensure the safety of information in the power of companies, avoiding lag and undue manipulation of data resulting in penalties.

      In view of this, companies need to invest in checks and improvements in their processes and IT routines and information security.

      for this, we have at least two types of audit, are they:

      Internal audit: held by the company itself to review your processes and certification that the patterns adopted are being permanently followed and observed.

      External audit: Performed by specialized companies that identify faults, offer advice and guidance for vulnerability correction and process improvement.

      Audilink For example, it offers complete audit and consulting services, which include:

      • process mapping;

      • identification of vulnerable points;

      • Identification of data types used.

      • evaluation of possible exception cases;

      • Listening to the real need to collect and data processing;

      • Analysis and / or preparation of the terms of use and privacy policy;

      • compliance for good practices.Do you want to know more about our systems in a system audit focus on failure correction and attendance to the standards and guidelines provided for in LGPD? Contact us!

WHERE ARE WE

'Encontre a audilink mais perto de você

International Contact

+55 (0)11 3819 2207
+55 (0)11 99540 2828
Roberto Bianchessi
roberto@audilink.com.br

© 2020 | StudioGT

Audilink informs: we use cookies to personalize ads and improve your experience on the site. By continuing to browse, you agree to our privacy policy.