nerdexam
Isaca

CDPSE · Question #382

Which of the following BEST enables an organization to manage privacy risk consistently over time?

The correct answer is C. Devising a structured approach to track risk mitigation activities. A structured, repeatable approach to tracking risk mitigation activities is the best mechanism for managing privacy risk consistently over time. It ensures that identified risks are assigned owners, remediation actions are tracked to completion, and the organization can demonstra

Privacy Governance

Question

Which of the following BEST enables an organization to manage privacy risk consistently over time?

Options

  • AInventorying all databases containing personal data
  • BIncluding privacy risk in the enterprise risk profile
  • CDevising a structured approach to track risk mitigation activities
  • DAppointing the legal team to own privacy risk

How the community answered

(22 responses)
  • A
    5% (1)
  • B
    9% (2)
  • C
    82% (18)
  • D
    5% (1)

Explanation

A structured, repeatable approach to tracking risk mitigation activities is the best mechanism for managing privacy risk consistently over time. It ensures that identified risks are assigned owners, remediation actions are tracked to completion, and the organization can demonstrate ongoing progress. Inventorying databases (A) is a one-time or periodic task that does not itself drive continuous risk management. Including privacy in the enterprise risk profile (B) is important for visibility but does not guarantee that risks are actively tracked or mitigated. Assigning ownership solely to the legal team (D) is a governance anti-pattern; privacy risk management requires cross-functional participation across IT, operations, and business units.

Topics

#Privacy risk management#Risk mitigation tracking#Privacy program management#Continuous monitoring

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice