CISM Certified Information Security Manager – Question0058

A good privacy statement should include:

A.
notification of liability on accuracy of information.
B. notification that information will be encrypted.
C. what the company will do with information it collects.
D. a description of the information classification process.

Correct Answer: C

Explanation:

Explanation:
Most privacy laws and regulations require disclosure on how information will be used. Choice A is incorrect because that information should be located in the web site’s disclaimer. Choice B is incorrect because, although encryption may be applied, this is not generally disclosed. Choice D is incorrect because information classification would be contained in a separate policy.