Which of the following is a key requirement of the NIST Privacy Framework's 'Control' function?

Answer options:

Develop and implement appropriate activities to enable organizations or individuals to manage data processing.

Develop and implement safeguards to protect data.

Develop and implement activities to identify privacy risks.

Develop and implement activities to notify individuals of breaches.

How to approach this question

NIST Privacy Framework functions: Identify, Govern, Control, Communicate, Protect. 'Control' is unique to Privacy (vs Security) and relates to managing how data is used.

Full Answer

A.Develop and implement appropriate activities to enable organizations or individuals to manage data processing.✓ Correct

The Control function in the NIST Privacy Framework focuses on enabling data management, including policies, processes, and technology that allow organizations and individuals to manage privacy risks and data processing preferences.

Common mistakes

Confusing Control (Privacy) with Protect (Security).

Question 28 All questions Question 30

Practice the full CPA ISC Practice Exam

82 questions · hints · full answers · grading

More questions from this exam

Q01A CPA is performing a risk assessment for a client that uses a public cloud provider for its core...Hard Q02During a walkthrough of a client's change management process, the auditor notes that developers h...Hard Q03A service organization provides a real-time transaction processing platform. The service level ag...Hard Q04An auditor is reviewing a SQL query used by the finance team to generate a report of all sales tr...Hard Q05A healthcare clearinghouse is preparing for a SOC 2® engagement. They utilize a private cloud dep...Hard

View all 82 questions →