Statutes, codes, and regulations
Washington Administrative Code
Title 308 - Licensing, Department of (See also Titles 36, 98 and 196)
Chapter 308-10A - Data Sharing
Section 308-10A-403 - Independent third-party auditor qualifications

Wash. Admin. Code § 308-10A-403

Download
PDF
Current through Register Vol. 25-01, January 1, 2025
Section 308-10A-403 - Independent third-party auditor qualifications

Independent third-party auditors conducting data security audits must, at a minimum, hold one of the following qualifications:

(1) American Institute of Certified Public Accountants (AICPA);
(2) Certified Information Security Auditor (CISA/ISACA);
(3) ANSI-ASQ National Accreditation Board (ANAB); or
(4) Other nationally recognized information technology auditing certification.
(5) An internal audit organization that can attest it conforms with the international standards for the professional practice of internal auditing.

Wash. Admin. Code § 308-10A-403

Adopted by WSR 23-19-010, Filed 9/7/2023, effective 10/8/2023