CDPSE Question #25: Real Exam Question with Answer & Explanation

The correct answer is B: Development. A PIA is a systematic process to identify and evaluate the potential privacy impacts of a system, project, program or initiative that involves the collection, use, disclosure or retention of personal data. A PIA should be conducted as early as possible in the system lifecycle, pr

Privacy Architecture

Question

During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?

Options

AFunctional testing
BDevelopment
CProduction
DUser acceptance testing (UAT)

Explanation

A PIA is a systematic process to identify and evaluate the potential privacy impacts of a system, project, program or initiative that involves the collection, use, disclosure or retention of personal data. A PIA should be conducted as early as possible in the system lifecycle, preferably during the development stage, to ensure that privacy risks are identified and mitigated before the system is deployed. Conducting a PIA during functional testing, UAT or production stages may be too late to address privacy issues effectively and may result in costly rework or delays.

Topics

#Privacy Impact Assessment (PIA)#System Development Life Cycle (SDLC)#Privacy by Design#Privacy Risk Management

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice Browse All CDPSE Questions