Which of the following data protection principles MUST be implemented to address this gap?

exams CISA CISA exam 1 Comment

An IS auditor reviewing an organization’s data privacy controls observes that privacy notices do not clearly state how the organization uses customer data for its processing operations.

Which of the following data protection principles MUST be implemented to address this gap?
A . Maintenance of data integrity
B . Access to collected data
C . Retention of consent documentation
D . Purpose for data collection

Answer: B

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF CISA Questions Online Training

1 Comment

Inline Feedbacks

View all comments

Abhi

3 years ago

corrects is B – because question says privacy notices does not specific how organization is using the data , defining purpose of data collect is irrelevant for this question , how company is access collected data will mitigate the weakness of not mentioning how company is using the collected user data