INTERNAL CONTROL & DATA SECURITY AUDITS
Auditwerx can help your organization meet the specific data security requirements your clients demand.
Menu
Auditwerx can help your organization meet the specific data security requirements your clients demand.
Florida agencies, such as the Florida Highway Safety and Motor Vehicles (FLHSMV), are concerned that their partners have the appropriate internal controls in place to ensure that data is protected from unauthorized access, distribution, use, modification, and/or disclosure. To ensure that these standards are being met, state agencies and vendors must submit an Internal Control and Data Security Audit from a currently licensed Certified Public Accountant.
An Internal Control and Data Security Audit is required to demonstrate compliance with the Florida Cybersecurity Standards (FCS), Rules 60GG-2.001 through 60GG-2.006, Florida Administrative Code (F.A.C.) These standards incorporate guidance from the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, and the Federal Information Security Management Act of 2002 (FISMA) (44 U.S.C. S3541, et seq.).
To satisfy these requirements, companies should consider a SOC 2 report with a mapping to the Florida Cybersecurity Standards, to ensure all aspects of the FSC are addressed.
Security: The system is protected against unauthorized access (both physical and logical).
Availability: The system is available for operation and use as committed or agreed.
Confidentiality: Information designated as confidential is protected as committed or agreed.
Processing Integrity: System processing is complete, accurate, timely, and authorized.
Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and the Canadian Institute of Chartered Accountants (CICA).
Auditwerx understands the requirements of the FSC, data security assessments is what we do. We can guide you through the process to meet the Internal Control and Data Security Audit requirements. Contact us to learn more about an Internal Control and Data Security Audit.
