What would be an example of an organization transferring the risks associated with a data breach?
A . Using a third-party service to process credit card transactions.
B. Encrypting sensitive personal data during collection and storage
C. Purchasing insurance to cover the organization in case of a breach.
D. Applying industry standard data handling practices to the organization’ practices.
Answer: C
Explanation:
Reference: http://www.hpso.com/Documents/pdfs/newsletters/firm09-rehabv1.pdf
Purchasing insurance to cover the organization in case of a breach. By purchasing insurance, the organization can transfer the financial risks associated with a data breach to an insurance provider. This is a risk management strategy that can help an organization mitigate the financial impact of a breach.
Transferring risk means shifting some or all of the potential losses or liabilities associated with a risk to another party2. Purchasing insurance is one way of transferring risk, as it allows the organization to share the financial burden of a data breach with an insurer. The other options do not involve transferring risk, but rather reducing, avoiding or accepting it.
Latest CIPT Dumps Valid Version with 90 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund