nerdexam
(ISC)2

CISSP · Question #216

What does an organization FIRST review to assure compliance with privacy requirements?

The correct answer is C. Legal and regulatory mandates. The first thing that an organization reviews to assure compliance with privacy requirements is the legal and regulatory mandates that apply to its business operations and data processing activities. Legal and regulatory mandates are the laws, regulations, standards, and contracts

Submitted by yaw92· Mar 5, 2026Security and Risk Management

Question

What does an organization FIRST review to assure compliance with privacy requirements?

Options

  • ABest practices
  • BBusiness objectives
  • CLegal and regulatory mandates
  • DEmployee's compliance to policies and standards

How the community answered

(40 responses)
  • A
    3% (1)
  • B
    3% (1)
  • C
    95% (38)

Explanation

The first thing that an organization reviews to assure compliance with privacy requirements is the legal and regulatory mandates that apply to its business operations and data processing activities. Legal and regulatory mandates are the laws, regulations, standards, and contracts that govern how an organization must protect the privacy of personal information and the rights of data subjects. An organization must identify and understand the relevant mandates that affect its jurisdiction, industry, and data types, and implement the appropriate controls and measures to comply with them.

Topics

#privacy compliance#regulatory requirements#legal mandates#data protection

Community Discussion

No community discussion yet for this question.

Full CISSP Practice