CISA Certified Information Systems Auditor – Question0494

Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?

A.
To identify data at rest and data in transit for encryption
B. To prevent confidential data loss
C. To comply with legal and regulatory requirements
D. To provide options to individuals regarding use of their data

Correct Answer: C