An enterprise is planning to outsource data processing for personally identifiable information (PII). When is the MOST appropriate time to define the requirements for security and privacy of information?
A. During the initial vendor selection process
B. After an assessment of the current information architecture
C. When issuing requests for proposals (RFPs)
D. When developing service level agreements (SLAs)
A. During the initial vendor selection process
B. After an assessment of the current information architecture
C. When issuing requests for proposals (RFPs)
D. When developing service level agreements (SLAs)