WAC 308-10A-403:

WACs > Title 308 > Chapter 308-10A > Section 308-10A-403

HTML has links - PDF has Authentication

Print This Page

308-10A-402 << 308-10A-403 >> 308-10A-404

Independent third-party auditors conducting data security audits must, at a minimum, hold one of the following qualifications:

(1) American Institute of Certified Public Accountants (AICPA);

(2) Certified Information Security Auditor (CISA/ISACA);

(3) ANSI-ASQ National Accreditation Board (ANAB); or

(4) Other nationally recognized information technology auditing certification.

(5) An internal audit organization that can attest it conforms with the international standards for the professional practice of internal auditing.

[Statutory Authority: RCW 46.01.110. WSR 23-19-010, § 308-10A-403, filed 9/7/23, effective 10/8/23.]