CGEIT · Question #228
CGEIT Question #228: Real Exam Question with Answer & Explanation
The correct answer is A: Standardize data classification processes throughout the enterprise. The best long-term strategic response is to standardize data classification processes throughout the enterprise, ensuring consistent application of privacy categorizations to all data.
Question
An IT audit reveals inconsistent maintenance of data privacy in enterprise systems primarily due to a lack of data sensitivity categorizations. Once the categorizations are defined, what is the BEST long-term strategic response by IT governance to address this problem?
Options
- A. Standardize data classification processes throughout the enterprise.
- B. Incorporate enterprise privacy categorizations into contracts.
- C. Require business impact analyses (BIAs) for enterprise systems.
- D. Reassess the data governance policy.
Explanation
The best long-term strategic response is to standardize data classification processes throughout the enterprise, ensuring consistent application of privacy categorizations to all data.
Common mistakes.
- B. Incorporating privacy categorizations into contracts is a good step for third-party agreements but does not address the internal operational problem of inconsistent data privacy maintenance within enterprise systems.
- C. Requiring business impact analyses (BIAs) for enterprise systems focuses on the impact of disruption, which is different from ensuring consistent data privacy based on classification.
- D. Reassessing the data governance policy might be a step, but the specific, actionable strategic response to implement the newly defined categorizations is process standardization.
Concept tested. Data governance, data classification standardization
Reference. https://learn.microsoft.com/en-us/azure/purview/concept-data-classification