As a guidance and enhanced regulations on the compliance audit activities of personal information protection, the Cyberspace Administration of China issued “Administrative Measures for the Personal Information Protection Compliance Audit (Comment Draft)” and the annex of “Reference Points for Compliance Audit of Personal Information Protection” for public comments.
Avista extracted some key provisions, with additional interpretation in terms of internal control, to provide personal information processors a better understanding for the regulatory requirements of the personal information protection-related compliance audit.