CISM Certified Information Security Manager – Question0068
When personal information is transmitted across networks, there MUST be adequate controls over: A. change management. B. privacy protection. C. consent to data transfer. D. encryption devices.
Correct Answer: B
Explanation:
Explanation:
Privacy protection is necessary to ensure that the receiving party has the appropriate level of protection of personal data. Change management primarily protects only the information, not the privacy of the individuals. Consent is one of the protections that is frequently, but not always, required. Encryption is a method of achieving the actual control, but controls over the devices may not ensure adequate privacy protection and, therefore, is a partial answer.
Please disable your adblocker or whitelist this site!