Risk Assessment Guide
Manual del Programa de Certificación Privacy+
Formulario de Solicitud Privacy+
How to Apply
The steps to apply for Privacy+ Certification are as follows:
- Review the Privacy+ Handbook thoroughly to make sure you understand the Privacy+ program, the Privacy+ control objectives, and the process required to establish and maintain Privacy+ certification.
- Have your auditor complete the Auditor Commitment and Approval Form. Note that if you intend to use an auditor other than Kirkpatrick Price, your auditor must be approved by PRISM International in writing. Although not required, we suggest that you wait until PRISM International accepts your auditor before you proceed with the audit because PRISM International’s approval of your auditor is not guaranteed.
- Submit the following forms from the handbook to PRISM International:
- Application Form
- License Agreement
- Auditor Commitment and Approval Form.
- Receive an invoice from PRISM International for the application fee, first year’s licensing fees, and, if you are using Kirkpatrick Price, audit fees. If you are using an audit firm other than Kirkpatrick Price, invoice receipt from PRISM International indicates your auditor has been approved. If your auditor is not approved, you will be contacted directly by PRISM International staff.
- Pay your PRISM invoice within 30 days of receipt.
- Schedule the audit. We would prefer that your Privacy+ audit is completed within 6 months of submitting your Privacy+ application. If your audit is not completed within 1 year of submitting your application, you will need to submit a new application and application fee.
- When your audit is complete, your auditor will forward Privacy+ Audit Report Form B to PRISM International and Privacy+ Audit Report Forms A and B to you.
- Privacy+ certification will be granted by PRISM International within 30 days of receiving a successfully completed Audit Report Form B.
- To maintain Privacy+ certification, companies must have a Privacy+ audit every 2 years.
- To become recertified, applicant companies must repeat steps 2–7 (listed in How to Apply) prior to the second anniversary of initial certification and thereafter every 2 years. Given the lead time required to complete an audit, participants are advised to begin the recertification process at least 6 months before the second anniversary.
- If PRISM International does not receive a new Audit Report Form B by 2 years from the initial certification date, the company will no longer be Privacy+ certified and must discontinue use of the Privacy+ name and marking in all marketing materials.
Note: attendance at a Privacy+ Certification Audit Readiness Workshop must be completed prior to the audit process and certification being approved.
PRISM International | 8735 W. Higgins Road | Suite 300 | Chicago, IL 60631 | United States |
Phone: 847.375.6344 | Fax: 847.375.6343 | E-mail: