CDPSE · Question #378
Which of the following characteristics of a cloud service provider (CSP) poses the GREATEST privacy-related compliance risk?
The correct answer is C. CSP contract terms rarely agree to right-to-audit clauses.. A CSP's unwillingness to include right-to-audit clauses in contracts poses the greatest privacy compliance risk because it eliminates an organization's ability to independently verify that the CSP is actually meeting its contractual and regulatory privacy obligations. Without aud
Question
Which of the following characteristics of a cloud service provider (CSP) poses the GREATEST privacy-related compliance risk?
Options
- ACompliance-related training materials are developed without direct input from clients.
- BResources are allocated from geographically dispersed locations.
- CCSP contract terms rarely agree to right-to-audit clauses.
- DResources are provisioned as self-service without interaction with the CSP.
How the community answered
(25 responses)- A24% (6)
- B8% (2)
- C56% (14)
- D12% (3)
Explanation
A CSP's unwillingness to include right-to-audit clauses in contracts poses the greatest privacy compliance risk because it eliminates an organization's ability to independently verify that the CSP is actually meeting its contractual and regulatory privacy obligations. Without audit rights, compliance claims are unverifiable, and the organization remains accountable to regulators without the means to confirm the CSP's adherence. Developing training without client input (A) and self-service provisioning (D) are operational concerns but not critical compliance risks. Geographically dispersed resources (B) create cross-border data transfer considerations that are manageable with proper data processing agreements.
Topics
Community Discussion
No community discussion yet for this question.