Isaca Exam CDPSE Topic 1 Question 43 Discussion

Actual exam question for Isaca's CDPSE exam

Question #: 43
Topic #: 1

[All CDPSE Questions]

Which of the following should be the FIRST consideration when conducting a privacy impact assessment (PIA)?

AThe applicable privacy legislation

BThe quantity of information within the scope of the assessment

CThe systems in which privacy-related data is stored

DThe organizational security risk profile

Show Suggested Answer

Suggested Answer: B

The principle of least privilege is the most important principle to apply when granting access to an ERP system that contains a significant amount of personal dat

a. The principle of least privilege states that users should only have the minimum level of access and permissions necessary to perform their legitimate tasks and functions, and no more. Applying the principle of least privilege helps to protect the privacy and security of the personal data in the ERP system, as it reduces the risk of unauthorized or inappropriate access, disclosure, modification, or deletion of the data. It also helps to comply with the privacy laws and regulations, such as the GDPR, that require data controllers and processors to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

by Danica at May 31, 2024, 01:58 PM

Limited Time Offer

25%

Off

Get Premium CDPSE Questions as Interactive Web-Based Practice Test or PDF