CERTIFIED-IN-CYBERSECURITY Question #549: Real Exam Question with Answer & Explanation
The correct answer is B: To stay compliant with changing regulations.
Question
Why is it essential for organizations to periodically review their retained records?
Options
- A. To retain only pertinent information
- B. To stay compliant with changing regulations
- C. To free up storage space
- D. To detect possible security risks in the data stored
Explanation
Organizations must periodically review their retained records to comply with changing regulations. Data privacy regulations can change over time, and organizations must ensure they are in compliance to avoid legal penalties, particularly with respect to data retention (see ISC2 Study Guide, Chapter 5, Module 1). For example, with the introduction of the General Data Protection Regulation (GDPR) in the European Union, there are specific requirements for how long certain types of data can be retained. If an organization doesn't review and update its records in accordance with these changes, it could face significant fines. While the other options are valid reasons for an organization to review its retained records, they are not the primary reason. Retaining only relevant information and freeing up storage are operational considerations, not regulatory requirements. Identifying potential security risks in stored data is part of an organization's overall security strategy, but it is not the primary reason for reviewing retained