A highly regulated organization acquired a medical technology startup company that processes sensitive personal information with weak data protection controls. Which of the following is the BEST way for the acquiring company to reduce its risk while still enabling the flexibility needed by the startup company?

QuestionsCategory: CRISCA highly regulated organization acquired a medical technology startup company that processes sensitive personal information with weak data protection controls. Which of the following is the BEST way for the acquiring company to reduce its risk while still enabling the flexibility needed by the startup company?
Admin Staff asked 6 months ago
A highly regulated organization acquired a medical technology startup company that processes sensitive personal information with weak data protection controls.
Which of the following is the BEST way for the acquiring company to reduce its risk while still enabling the flexibility needed by the startup company?

A. Implement a firewall and isolate the environment from the parent company's network.

B. Classify and protect the data according to the parent company's internal standards.

C. Have the data privacy officer review the startup company's data protection policies.

D. Identify previous data breaches using the startup company's audit reports.








 

Suggested Answer: C



This question is in CRISC exam 
For getting Risk and Information Systems Control Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.

Next Post

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.