C1.1
Identifies and maintains confidential information
ConfidentialityImplementedConfidentiality
Control description
AICPA Trust Services Criteria
The entity identifies and maintains confidential information to meet the entity's objectives related to confidentiality.
Auditor test plan
How this is tested during the audit
Auditor reviews the data classification policy, the inventory of confidential data stores, and label-tag coverage in the warehouse.
Evidence
1 item attached to this control
- PDF
data-classification-policy-v3.pdf
sha256:0000000000000000… · 215.0 KB · 42d ago
Last reviewed
42d
Within 180-day window
Evidence on file
2
Owner
DS
Director, Security
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by Director, Security
42d ago
Status set to implemented
72d ago
Initial control design approved
132d ago