An organization will be impacted by a new data privacy regulation due to the location of its production facilities. What action should the risk practitioner take when evaluating the new regulation? A. Perform an analysis of the new regulation to ensure current risk is identified. B. Evaluate if the existing risk responses to the previous regulation are still adequate. C. Assess the validity and perform update testing on data privacy controls. D. Develop internal control assessments over data privacy for the new regulation. Â Suggested Answer: A This question is in CRISC exam For getting Risk and Information Systems Control Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer