Which of the following is MOST important for an IS auditor to examine when reviewing an organization’s privacy policy?
A . Whether there is explicit permission from regulators to collect personal data
B. The organization’s legitimate purpose for collecting personal data
C. Whether sharing of personal information with third-party service providers is prohibited
D. The encryption mechanism selected by the organization for protecting personal data
Answer: B
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund