nerdexam
Isaca

CDPSE · Question #398

Which of the following is the BEST approach for an organization that wants to transfer risk associated with a potential breach involving customer personal data?

The correct answer is B. Purchase cyber insurance. Risk transfer means shifting financial liability or impact to another party. Cyber insurance (B) directly achieves this by covering breach-related costs. Adopting standards (A) and retaining third parties (C, D) are risk mitigation/reduction, not transfer. "Risk transfer is commo

Privacy Governance

Question

Which of the following is the BEST approach for an organization that wants to transfer risk associated with a potential breach involving customer personal data?

Options

  • AAdopt industry standards for breach response
  • BPurchase cyber insurance
  • CHire an external data processor
  • DRetain a third party for breach investigation

How the community answered

(36 responses)
  • A
    3% (1)
  • B
    89% (32)
  • C
    3% (1)
  • D
    6% (2)

Explanation

Risk transfer means shifting financial liability or impact to another party. Cyber insurance (B) directly achieves this by covering breach-related costs. Adopting standards (A) and retaining third parties (C, D) are risk mitigation/reduction, not transfer. "Risk transfer is commonly achieved via insurance coverage for breach costs and liabilities."

Topics

#Risk management#Risk transfer#Cyber insurance

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice