nerdexam
(ISC)2

CISSP · Question #792

To ensure compliance with the General Data Protection Regulation (GDPR), who in the organization should the help desk manager confer with before selecting a Software as a Service (SaaS) solution?

The correct answer is D. Data Protection Officer (DPO). To ensure compliance with the General Data Protection Regulation (GDPR) when adopting new services, the help desk manager must consult the organization's Data Protection Officer (DPO). The DPO is responsible for overseeing data protection strategy and ensuring adherence to privac

Submitted by hassan_iq· Mar 5, 2026Security and Risk Management

Question

To ensure compliance with the General Data Protection Regulation (GDPR), who in the organization should the help desk manager confer with before selecting a Software as a Service (SaaS) solution?

Options

  • AData owner
  • BDatabase administrator (DBA)
  • CData center manager
  • DData Protection Officer (DPO)

How the community answered

(13 responses)
  • A
    8% (1)
  • D
    92% (12)

Why each option

To ensure compliance with the General Data Protection Regulation (GDPR) when adopting new services, the help desk manager must consult the organization's Data Protection Officer (DPO). The DPO is responsible for overseeing data protection strategy and ensuring adherence to privacy regulations.

AData owner

While a data owner defines the classification and sensitivity of data, they are not typically the primary authority on regulatory compliance aspects of new IT solutions under GDPR.

BDatabase administrator (DBA)

A Database Administrator (DBA) manages and maintains databases, focusing on their technical performance, security, and integrity, rather than legal and regulatory compliance for data privacy.

CData center manager

A data center manager oversees the physical infrastructure, operations, and security of data center facilities, which is distinct from the legal compliance responsibilities for data processing within a SaaS solution.

DData Protection Officer (DPO)Correct

The Data Protection Officer (DPO) is specifically tasked with advising the organization on its obligations under GDPR and monitoring compliance. Before selecting a Software as a Service (SaaS) solution that will process personal data, conferring with the DPO is crucial to assess privacy implications, conduct necessary Data Protection Impact Assessments (DPIAs), and ensure the solution meets GDPR requirements.

Concept tested: GDPR roles and responsibilities, Data Protection Officer function

Source: https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-data-protection-officer

Topics

#GDPR#Data Protection Officer#DPO#regulatory compliance

Community Discussion

No community discussion yet for this question.

Full CISSP Practice