Which of the following is MOST important to ensure when developing a business case for the procurement of a new IT system that will process and store personal information?
A . The system architecture is clearly defined.
B . A risk assessment has been completed.
C . Security controls are clearly defined.
D . Data protection requirements are included.
Answer: D
Explanation:
Reference: https://www.isaca.org/privacy-policy
The most important thing to ensure when developing a business case for the procurement of a new IT system that will process and store personal information is that data protection requirements are included. This means that the organization should identify and analyze the privacy risks and impacts of the new IT system, and determine the appropriate measures to mitigate or eliminate them. The data protection requirements should cover aspects such as data minimization, consent, access, rectification, erasure, portability, security, breach notification, etc. The data protection requirements should also align with the organization’s privacy policies and applicable privacy regulations.
Reference: CDPSE Review Manual (Digital Version), page 63
Latest CDPSE Dumps Valid Version with 120 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund