Certified Information Privacy Manager (CIPM) — Question 175

When conducting due diligence during an acquisition, what should a privacy professional avoid?

Answer options

• A. Discussing with the acquired company the type and scope of their data processing.
• B. Allowing legal in both companies to handle the privacy laws and compliance.
• C. Planning for impacts on the data processing operations post-acquisition.
• D. Benchmarking the two companies’ privacy policies against one another.

Correct answer: B

Explanation

The correct answer is B because relying solely on legal teams from both companies may lead to oversights in privacy compliance that a dedicated privacy professional could address. Options A, C, and D involve proactive measures that are essential for understanding and improving data handling practices during the acquisition process.