Certified Information Privacy Manager (CIPM) — Question 219

There are different forms of monitoring available for organizations to consider when aligning with their privacy program goals.
Which of the following forms of monitoring is best described as ‘auditing’?

Answer options

• A. Evaluating operations, systems, and processes.
• B. Tracking, reporting and documenting complaints from all sources.
• C. Assisting in the completion of attesting reporting for SOC2, ISO, or BS7799.
• D. Ensuring third parties have appropriate security and privacy requirements in place.

Correct answer: A

Explanation

The correct answer is A, as auditing involves a thorough evaluation of operations, systems, and processes to ensure compliance and effectiveness. Options B, C, and D focus on tracking complaints, assisting with reporting standards, and verifying third-party compliance, which are not directly categorized as auditing.