ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CGEIT All Questions

View all questions & answers for the CGEIT exam
Go to Exam

Exam CGEIT topic 1 question 290 discussion

Actual exam question from Isaca's CGEIT
Question #: 290
Topic #: 1
[All CGEIT Questions]

A health tech enterprise wants to ensure that its in-house developed mobile app for users complies with data privacy regulations. Which of the following should be identified FIRST when creating an inventory of information systems and data related to the mobile app?

  • A. Vendors and outsourced systems
  • B. Data maintained by vendors
  • C. Information classification scheme
  • D. Application and data owners
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by WongY at Sept. 28, 2021, 3:58 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
shiowbah
9 months, 1 week ago
C. Information classification scheme
upvoted 1 times
shiowbah
9 months ago
D. Application and data owners
upvoted 1 times
...
...
SuperMax
10 months, 1 week ago
Selected Answer: D
D. Application and data owners When creating an inventory of information systems and data related to the mobile app, identifying the application and data owners should be the FIRST step. Application and data owners are responsible for overseeing the development, maintenance, and security of the mobile app and its associated data. They are accountable for ensuring that the app complies with data privacy regulations and that user data is handled appropriately. By identifying the application and data owners first, the health tech enterprise can establish clear lines of responsibility and accountability for managing the mobile app and its data. This lays the foundation for effective data governance and compliance with data privacy regulations.
upvoted 1 times
...
Sathish5
1 year ago
Selected Answer: D
When creating an inventory of information systems and data related to the mobile app to ensure compliance with data privacy regulations, the FIRST consideration should be to identify the Application and data owners (Option D). Application owners are responsible for the development, maintenance, and overall ownership of the mobile app, while data owners are responsible for the specific data processed and stored by the app. Identifying application and data owners is crucial because it establishes accountability for the app and its associated data. These individuals or roles can provide insights into how data is collected, processed, stored, and shared, and can help ensure that data privacy regulations are adhered to throughout the app's lifecycle.
upvoted 2 times
...
kertyce
1 year, 10 months ago
C is correct answers..... first the company needs to have a classification scheme that will help owners to classify his asset
upvoted 2 times
...
WongY
3 years, 3 months ago
below are the logical steps: 1. Inventory of Information Asset 2. Established ownership 3. Classification of resources/assets 4. Labelling 5. Access control list
upvoted 3 times
WongY
3 years, 3 months ago
D should be the answer... Step 1 (application) & 2 (owner)
upvoted 5 times
Ramye
3 years ago
What comes first - classification or ownership? Should be classification and then a appropriate owner can be assigned to the appropriate information.
upvoted 1 times
Ramye
3 years ago
Here’s a good read if anyone is interested — http://srcsecuresolutions.eu/pdf/Data_Classification_Ownership.pdf
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel