CDPSE Question #170: Real Exam Question with Answer & Explanation

Question

Which of the following MOST significantly impacts an organization's ability to respond to data subject access requests?

Options

• AThe organization's data retention schedule is complex.
• BLogging of systems and application data is limited.
• CThird-party service level agreement (SLA) data is not always available.
• DAvailability of application data flow diagrams is limited.

Explanation

The availability of application data flow diagrams is the most significant factor that impacts an organization's ability to respond to data subject access requests. Data subject access requests are requests made by data subjects to exercise their rights under privacy laws or regulations, such as the right to access, rectify, erase, or port their personal data. To respond to these requests effectively and efficiently, the organization needs to have a clear and accurate understanding of how personal data is collected, processed, stored, shared, and disposed of within its applications and systems. Application data flow diagrams are graphical representations of the data lifecycle that show the sources, destinations, transformations, and dependencies of the data. Having these diagrams readily available helps the organization to locate, retrieve, modify, or delete the personal data in response to the data subject access requests. The other options are less significant or relevant than the availability of application data flow diagrams, as they do not directly affect the organization's ability to identify and access the personal data.

No community discussion yet for this question.