nerdexam
Isaca

CDPSE · Question #133

Which of the following is MOST important to review before using an application programming interface (API) to help mitigate related privacy risk?

The correct answer is D. Data flows. Reviewing data flows reveals exactly what personal data moves through an API, where it originates, where it goes, who can access it, and how it is processed or stored downstream. Without understanding data flows, you cannot accurately identify what personal data is at risk, who t

Privacy Architecture

Question

Which of the following is MOST important to review before using an application programming interface (API) to help mitigate related privacy risk?

Options

  • AData taxonomy
  • BData classification
  • CData collection
  • DData flows

How the community answered

(19 responses)
  • A
    11% (2)
  • C
    5% (1)
  • D
    84% (16)

Explanation

Reviewing data flows reveals exactly what personal data moves through an API, where it originates, where it goes, who can access it, and how it is processed or stored downstream. Without understanding data flows, you cannot accurately identify what personal data is at risk, who the data subjects are, or what privacy controls are needed. Data taxonomy (A) and data classification (B) help categorize data but do not by themselves show movement or exposure points. Data collection (C) is only one aspect of the broader flow. Data flow analysis is the foundational step in any privacy risk assessment for API use.

Topics

#API privacy#Data flow mapping#Risk mitigation#Privacy by Design

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice