CDPSE Question #145: Real Exam Question with Answer & Explanation

The correct answer is D: Review proposed privacy rules that govern the processing of personal data. Reviewing proposed privacy rules that govern the processing of personal data is the most useful action to help define the scope of the project because it helps identify the legal and regulatory requirements, the data protection principles and the privacy objectives that the infor

Privacy Governance

Question

An organization has initiated a project to enhance privacy protections by improving its information security controls. Which of the following is the MOST useful action to help define the scope of the project?

Options

AReview recent audit reports on the internal control environment
BIdentify databases that contain personal data
CIdentify databases that do not have encryption in place.
DReview proposed privacy rules that govern the processing of personal data

Explanation

Reviewing proposed privacy rules that govern the processing of personal data is the most useful action to help define the scope of the project because it helps identify the legal and regulatory requirements, the data protection principles and the privacy objectives that the information security controls need to support. Reviewing recent audit reports, identifying databases that contain personal data or do not have encryption in place are helpful actions to assess the current state of privacy and security, but they do not provide a clear direction for the project scope.

Topics

#Project Scoping#Privacy Regulations#Compliance Management#Privacy Program Design

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice Browse All CDPSE Questions