CDPSE · Question #170
Which of the following MOST significantly impacts an organization's ability to respond to data subject access requests?
The correct answer is D. Availability of application data flow diagrams is limited.. To respond to a data subject access request (DSAR), an organization must know where the subject's personal data lives across all systems and processes. Application data flow diagrams provide the map of where personal data enters, is processed, stored, and shared. Without them, st
Question
Which of the following MOST significantly impacts an organization's ability to respond to data subject access requests?
Options
- AThe organization's data retention schedule is complex.
- BLogging of systems and application data is limited.
- CThird-party service level agreement (SLA) data is not always available.
- DAvailability of application data flow diagrams is limited.
How the community answered
(54 responses)- A6% (3)
- B9% (5)
- C19% (10)
- D67% (36)
Explanation
To respond to a data subject access request (DSAR), an organization must know where the subject's personal data lives across all systems and processes. Application data flow diagrams provide the map of where personal data enters, is processed, stored, and shared. Without them, staff cannot reliably locate all relevant data, making complete and accurate responses nearly impossible. A complex retention schedule (A) complicates deletion timelines but doesn't prevent locating data. Limited system logging (B) affects auditability but not data location. Missing third-party SLA data (C) may delay responses but is not the most critical gap.
Topics
Community Discussion
No community discussion yet for this question.