CISSP · Question #792
To ensure compliance with the General Data Protection Regulation (GDPR), who in the organization should the help desk manager confer with before selecting a Software as a Service (SaaS) solution?
The correct answer is D. Data Protection Officer (DPO). To ensure compliance with the General Data Protection Regulation (GDPR) when adopting new services, the help desk manager must consult the organization's Data Protection Officer (DPO). The DPO is responsible for overseeing data protection strategy and ensuring adherence to privac
Question
To ensure compliance with the General Data Protection Regulation (GDPR), who in the organization should the help desk manager confer with before selecting a Software as a Service (SaaS) solution?
Options
- AData owner
- BDatabase administrator (DBA)
- CData center manager
- DData Protection Officer (DPO)
How the community answered
(13 responses)- A8% (1)
- D92% (12)
Why each option
To ensure compliance with the General Data Protection Regulation (GDPR) when adopting new services, the help desk manager must consult the organization's Data Protection Officer (DPO). The DPO is responsible for overseeing data protection strategy and ensuring adherence to privacy regulations.
While a data owner defines the classification and sensitivity of data, they are not typically the primary authority on regulatory compliance aspects of new IT solutions under GDPR.
A Database Administrator (DBA) manages and maintains databases, focusing on their technical performance, security, and integrity, rather than legal and regulatory compliance for data privacy.
A data center manager oversees the physical infrastructure, operations, and security of data center facilities, which is distinct from the legal compliance responsibilities for data processing within a SaaS solution.
The Data Protection Officer (DPO) is specifically tasked with advising the organization on its obligations under GDPR and monitoring compliance. Before selecting a Software as a Service (SaaS) solution that will process personal data, conferring with the DPO is crucial to assess privacy implications, conduct necessary Data Protection Impact Assessments (DPIAs), and ensure the solution meets GDPR requirements.
Concept tested: GDPR roles and responsibilities, Data Protection Officer function
Source: https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-data-protection-officer
Topics
Community Discussion
No community discussion yet for this question.