News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Adrianne Appel2023-09-12T12:41:00
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the state’s privacy rulemaking agency, which debated a preliminary draft of the rules Friday.
The draft cybersecurity rules were approved among sweeping amendments to the state’s 2020 data privacy law under the California Privacy Rights Act. The changes to the California Consumer Privacy Act (CCPA) created the California Privacy Protection Agency (CPPA) to write and enforce the rules.
The five-member CPPA board mainly debated two aspects of the cybersecurity rules Friday: which businesses should be required to conduct annual audits and what should be included in those audits.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
2024-01-09T20:16:00Z By Adrianne Appel
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
2023-12-01T22:34:00Z By Adrianne Appel
The California Privacy Protection Agency drafted its rules to apply the rights allowed to residents under the California Consumer Privacy Act to automated decision-making technology used by businesses.
2023-10-17T13:46:00Z By Matt Honea, CW guest columnist
The need to prove network compliance is intensifying as lawmakers introduce new privacy legislation and organizations update their contractual security requirements for third-party vendors.
2024-07-24T15:50:00Z By Aaron Nicodemus
Financial institutions holding Russian sovereign assets that have not reported them to the Treasury Department’s Office of Foreign Assets Control are now required to do so by Aug. 2.
2024-07-23T12:29:00Z By Ruth Prickett
Compliance officers should take note of proposed laws in the U.K. with the newly elected Labor government setting the legislative agenda in the King’s Speech last week, promising consultations on enhanced employee rights and a higher minimum wage.
2024-07-22T15:50:00Z By Aaron Nicodemus
Four federal banking regulators have joined the Treasury Department’s Financial Crimes Enforcement Network in issuing a notice of proposed rulemaking that would require financial institutions to conduct more thorough risk assessments on their anti-money laundering/countering the financing of terrorism programs.
Site powered by Webvision Cloud