CISA Certified Information Systems Auditor – Question0831

Which of the following is the MOST important privacy consideration for an organization that uses a cloud service provider to process customer data?

A.
Data privacy must be monitored in accordance with industry standards and best practices.
B. All customer data transferred to the service provider must be reported to the regulatory authority.
C. No personal information may be transferred to the service provider without the consent of the customer.
D. Data privacy must be managed in accordance with the regulations applicable to the organization.

Correct Answer: D