A highly regulated organization acquired a medical technology startup company that processes sensitive personal information with weak data protection controls. Which of the following is the BEST way for the acquiring company to reduce its risk while still enabling the flexibility needed by the startup company? A. Implement a firewall and isolate the environment from the parent company's network. B. Classify and protect the data according to the parent company's internal standards. C. Have the data privacy officer review the startup company's data protection policies. D. Identify previous data breaches using the startup company's audit reports. Â Suggested Answer: C This question is in CRISC exam For getting Risk and Information Systems Control Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer