nerdexam
Isaca

CDPSE · Question #327

Which of the following is MOST useful for senior management to review when preparing to release a new service involving substantial use of personal data?

The correct answer is C. Privacy impact assessment (PIA). A Privacy Impact Assessment (PIA) is a structured pre-launch analysis specifically designed to identify and mitigate privacy risks before a new service or system goes live. It gives senior management a forward-looking risk picture, including data flows, legal basis, risk ratings,

Privacy Governance

Question

Which of the following is MOST useful for senior management to review when preparing to release a new service involving substantial use of personal data?

Options

  • APrivacy policy
  • BPrivacy control self-assessment (CSA)
  • CPrivacy impact assessment (PIA)
  • DPrivacy incident management capability

How the community answered

(45 responses)
  • A
    2% (1)
  • B
    9% (4)
  • C
    84% (38)
  • D
    4% (2)

Explanation

A Privacy Impact Assessment (PIA) is a structured pre-launch analysis specifically designed to identify and mitigate privacy risks before a new service or system goes live. It gives senior management a forward-looking risk picture, including data flows, legal basis, risk ratings, and recommended controls. A privacy policy (A) communicates practices externally but does not assess risk. A CSA (B) evaluates existing controls, not new services. Incident management capability (D) is reactive, not a pre-launch decision-making tool.

Topics

#Privacy Impact Assessment (PIA)#Risk Management#New Service Introduction#Senior Management Oversight

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice