HTML has links - PDF has Authentication
308-10A-402  <<  308-10A-403 >>   308-10A-404

PDFWAC 308-10A-403

Independent third-party auditor qualifications.

Independent third-party auditors conducting data security audits must, at a minimum, hold one of the following qualifications:
(1) American Institute of Certified Public Accountants (AICPA);
(2) Certified Information Security Auditor (CISA/ISACA);
(3) ANSI-ASQ National Accreditation Board (ANAB); or
(4) Other nationally recognized information technology auditing certification.
(5) An internal audit organization that can attest it conforms with the international standards for the professional practice of internal auditing.
[Statutory Authority: RCW 46.01.110. WSR 23-19-010, ยง 308-10A-403, filed 9/7/23, effective 10/8/23.]