nerdexam
Isaca

CDPSE · Question #240

A privacy impact assessment (PIA) is BEST performed by reviewing controls:

The correct answer is D. throughout the technology stack.. A Privacy Impact Assessment (PIA) evaluates privacy risks across the entire system lifecycle and technology stack - from data collection at the application layer, through processing and storage at the database layer, to transmission at the network layer. Reviewing controls throug

Privacy Architecture

Question

A privacy impact assessment (PIA) is BEST performed by reviewing controls:

Options

  • Ain best practices frameworks.
  • Bfor identity and access management.
  • Cbased on vulnerability assessments.
  • Dthroughout the technology stack.

How the community answered

(31 responses)
  • A
    3% (1)
  • B
    16% (5)
  • C
    6% (2)
  • D
    74% (23)

Explanation

A Privacy Impact Assessment (PIA) evaluates privacy risks across the entire system lifecycle and technology stack - from data collection at the application layer, through processing and storage at the database layer, to transmission at the network layer. Reviewing controls throughout the technology stack ensures a comprehensive view of all points where personal data flows and where risks may exist. Best practices frameworks (A) provide guidance but are not a substitute for stack-level review. Identity and access management (B) and vulnerability assessments (C) are specific controls, not comprehensive PIA methodologies.

Topics

#Privacy Impact Assessment (PIA)#Controls Review#Technology Stack#Privacy by Design

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice