The Institute of internal Auditors Philippines, Inc.

The Institute of Internal Auditors (IIA) Philippines is a professional organization dedicated to the advancement of the internal audit profession in the country. Our members, who work in internal auditing, risk management, governance, internal control, information technology audit, education and security, came from various industry or sectors in the Philippines and belong to a global network of almost 200,000+ professionals from more than 170 countries and territories sharing a common vision of a global profession of internal auditing.

The Institute of Internal Auditors Philippines Inc. (IIAP) was registered with SEC in 1982 and formerly known as The Institute of Internal Auditors, Inc. – Manila Chapter. It was founded on August 14, 1948 by Mr. Santiago F. Dela Cruz Sr. along with a small group of accountants actively engaged in the profession. Mr. Dela Cruz, who is considered to be the moving spirit of the association, is the same man who, two years earlier than IIAP, co-established the Philippine College of Commerce and Business Administration (PCCBA) which we now know as the University of the East.

The IIAP despite some struggles during its formative years was able to attain full-fledged stature as a professional association upon earning its “Institute” status from The Institute of Internal Auditors (IIA Global) in 1990. At the time, IIAP is 1 of the 6 (six) chapters in the Pacific Region (others were in Bombay, Tokyo, Sydney, Melbourne and Ceylon). On its 75th Anniversary Celebration and Global Business Meeting last 16-17 July 2016 at New York Hilton Midtown, the IIAP was acknowledged as the 3rd Chapter organized by the IIA Global since the latter’s founding in 1941 still then headquartered in New York City, USA

Contact us

Thei Parungao

Event Details

Focus and Features

Individuals and institutions are taking drastic measures to flatten the curve of COVID-19 infections, and these measures, while important, may threaten our recently recognized privacy rights.

Privacy is a risk management issue for businesses, governments, and nonprofit organizations. Consumers are concerned with how businesses and organizations use and protect this information. Business owners and management want to meet the needs and expectations of their customers, business partners, and employees; keep any commitments pursuant to contractual agreements; and comply with applicable data privacy and security laws and regulations.

To become an effective Internal Auditor, the main objectives of this training are as follows:

  • Understand why Privacy is important in enforcement activity, incident management and laws, rules and regulations,
  • Understand your obligations and ensure compliance with applicable laws and regulations when processing Personal Information and
  • Develop a privacy audit program that will enable you to identify and evaluate the key risks as well as come-up with recommendation on the improvement of your company's privacy compliance program.

Attendees will gain a foundation of knowledge that will allow them to properly prepare for and conduct a successful audit of the privacy compliance program.

What You Will Learn

I. Introduction to Privacy

  • What is Privacy?
  • Definition of Personal Information
  • Privacy Roles (Data subject, Data Controller, Privacy Officer, etc.)
  • Internal Auditing's Role in the Privacy Framework
  • Privacy Audit

II. AICPA/CICA Generally Accepted Privacy Principles (GAPP)

  • Management
  • Privacy Notice
  • Choice and Consent
  • Collection
  • Use, Retention and Disposal
  • Access
  • Disclosure to Third Parties
  • Security for Privacy
  • Quality
  • Monitoring and Enforcement

III. Privacy Risk Assessment

  • Significance and Likelihood of Privacy Risks
  • Privacy Heat Map (Risk Map) using GAPP Framework

IV. Audit Process

  • Engagement Planning
  • Performing Engagement
  • Communicating and Monitoring Audit Results

V. Case Studies

VI. Seminar Conclusion

  • Plan for Action


Michael Cabatuando (ASPAC Privacy Compliance Head and Data Protection Officer at Johnson & Johnson)

Michael Cabatuando

ASPAC Privacy Compliance Head and Data Protection Officer at Johnson & Johnson

Sponsors and Partners

Member's rate

Member Price₱995

Non-member's rate

Public Price₱1,995