Mysystem.org IT ExamsCISM Question 5 2017-04-07
Question: In assessing the degree to which an organization may be affected by new privacy legislation, information security management should FIRST:
A.) develop an operational plan for achieving compliance with the legislation.
Answer ==> B.) identify systems and processes that contain privacy components.
C.) restrict the collection of personal information until compliant.
D.) identify privacy legislation in other countries that may contain similar requirements.