Launch of the Audit Committee Forum Position Paper 8: Guidelines for the Audit Committee on Data Protection

Launch of the Audit Committee Forum Position Paper 8

Launch of the ACF Position Paper 8

From left to right: Linda Mamet, Interim CEO at the MIoD; Sheila Ujoodha, Chairperson of the Audit Committee Forum; Drudeisha Madhub, Data Protection Commissioner of the Data Protection Office of Mauritius; and John Chung, Managing Partner at KPMG in Mauritius

On Wednesday 14 October 2020, the Mauritius Institute of Directors (MIoD) and KPMG in Mauritius launched the Audit Committee Forum Position Paper 8, which provides guidelines to Audit Committees on data protection.

Being in an era of rapid technological change, it is necessary to ensure that privacy rights are properly protected as an increasing amount of personal data is being shared. Processing personal data poses security challenges, hence the need for regulations to protect individuals as well as organisations.

Audit Committees are responsible for the verification of an organisation's financials and oversight of the internal and external audit processes. Outside the financial services industry, where separate risk committees have become an established best practice, Audit Committees have also begun to take a new role. They are increasingly being asked to monitor new issues such as data privacy and digitalisation, exposing them to new compliance risks.

This paper has been prepared to assist Audit Committees to play their role effectively by providing background information on the concepts related to data protection while taking into account the relevant legislations and regulations, as well as providing guidance tailored to Audit Committees so that they are better informed on the subject.