nerdexam
Isaca

CDPSE · Question #195

What requirements would be BEST to include in a service level agreement when data is regularly moved outside of the enterprise as part of its life cycle?

The correct answer is D. Quality and privacy requirements. Quality and privacy requirements (D) belong in an SLA when data moves outside the enterprise because external transfers introduce risks to data integrity and personal information protection - an SLA must contractually enforce standards that your organization can no longer directl

Data Life Cycle

Question

What requirements would be BEST to include in a service level agreement when data is regularly moved outside of the enterprise as part of its life cycle?

Options

  • AData persistence requirements
  • BData modeling requirements
  • CData minimization requirements
  • DQuality and privacy requirements

How the community answered

(28 responses)
  • A
    11% (3)
  • B
    14% (4)
  • C
    4% (1)
  • D
    71% (20)

Explanation

Quality and privacy requirements (D) belong in an SLA when data moves outside the enterprise because external transfers introduce risks to data integrity and personal information protection - an SLA must contractually enforce standards that your organization can no longer directly control once data leaves your environment.

  • A (Data persistence) addresses how long data is retained and stored, which is an internal lifecycle concern, not the primary SLA focus when data is being transferred externally.
  • B (Data modeling) relates to how data is structured and defined - a design/architecture concern, not a contractual protection for external data handling.
  • C (Data minimization) is a good privacy principle (collect only what's needed), but it's a design decision made before data is collected, not an SLA requirement for managing data that's already being transferred.

Memory tip: Think "outside = exposure risk." When data crosses your boundary, the two things you can't afford to lose are its quality (accuracy, completeness) and privacy (compliance, protection) - both of which must be locked in via the SLA with the external party.

Topics

#Service Level Agreements#Data Privacy#External Data Transfer#Data Governance

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice