ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 668 discussion

Actual exam question from Isaca's CISM
Question #: 668
Topic #: 1
[All CISM Questions]

Which of the following should be done FIRST when establishing a new data protection program that must comply with applicable data privacy regulations?

  • A. Encrypt all personal data stored on systems and networks.
  • B. Evaluate privacy technologies required for data protection.
  • C. Create an inventory of systems where personal data is stored.
  • D. Update disciplinary processes to address privacy violations.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by richck102 at July 7, 2023, 3:25 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yottabyte
10 months, 1 week ago
Selected Answer: C
without having an inventory of data, you will not know which components to protect.
upvoted 2 times
...
REHAMAZZAM
11 months, 3 weeks ago
Selected Answer: C
C. Create an inventory of systems where personal data is stored. When establishing a new data protection program that must comply with applicable data privacy regulations, the first step should be to create an inventory of systems where personal data is stored. This step is crucial for understanding the scope of personal data processing within the organization, which is foundational to developing effective data protection policies and procedures. Options A, B, and D are important considerations in building a comprehensive data protection program, but creating an inventory of systems is the initial step to gain visibility into where personal data resides within the organization.
upvoted 1 times
...
Uncle_Lucifer
1 year, 1 month ago
Selected Answer: B
A and C are wrong because they only referenced personal data
upvoted 2 times
...
Uncle_Lucifer
1 year, 1 month ago
if the use of the word "when" indicates before, then B is correct, but if it indicates concurrently, then C is correct
upvoted 2 times
...
Uncle_Lucifer
1 year, 1 month ago
Selected Answer: B
Going with B. Don't see how C is specific to personal data in the context of the question
upvoted 1 times
...
Uncle_Lucifer
1 year, 1 month ago
Going with B. Don't see how C is specific to personal data in the context of the question
upvoted 1 times
...
richck102
1 year, 6 months ago
Selected Answer: C
C. Create an inventory of systems where personal data is stored.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel