nerdexam
Isaca

CDPSE · Question #170

Which of the following MOST significantly impacts an organization's ability to respond to data subject access requests?

The correct answer is D. Availability of application data flow diagrams is limited.. To respond to a data subject access request (DSAR), an organization must know where the subject's personal data lives across all systems and processes. Application data flow diagrams provide the map of where personal data enters, is processed, stored, and shared. Without them, st

Privacy Architecture

Question

Which of the following MOST significantly impacts an organization's ability to respond to data subject access requests?

Options

  • AThe organization's data retention schedule is complex.
  • BLogging of systems and application data is limited.
  • CThird-party service level agreement (SLA) data is not always available.
  • DAvailability of application data flow diagrams is limited.

How the community answered

(54 responses)
  • A
    6% (3)
  • B
    9% (5)
  • C
    19% (10)
  • D
    67% (36)

Explanation

To respond to a data subject access request (DSAR), an organization must know where the subject's personal data lives across all systems and processes. Application data flow diagrams provide the map of where personal data enters, is processed, stored, and shared. Without them, staff cannot reliably locate all relevant data, making complete and accurate responses nearly impossible. A complex retention schedule (A) complicates deletion timelines but doesn't prevent locating data. Limited system logging (B) affects auditability but not data location. Missing third-party SLA data (C) may delay responses but is not the most critical gap.

Topics

#Data Subject Access Requests#Data Flow Mapping#Data Discovery#Privacy Operations

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice