>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

DM-08Personal Information Updates

>Control Description

Organization allows authenticated users to review and update their personal information.

Theme

Process

Type

Preventive

Policy/Standard

Data Management Policy

>Implementation Guidance

1. Ensure that a process is defined, documented, and communicated regarding access and update to personal information. 2. Ensure that appropriate justifications are provided for any denied access or update requests. 3. Ensure that a process is defined, documented, and communicated for appealing the denial of access or update request.

>Testing Procedure

1. Inspect and validate whether a documented process exists regarding access and update to personal information. 2. Validate that for any denied access or update requests, appropriate justifications were provided. 3. Inspect and validate whether a documented process exists for appealing the denial of access or update request. 4. Ensure that the access or update request process is well communicated.

>Audit Artifacts

E-DM-11
E-DM-12

Ask AI

Configure your API key to use AI features.