Certified Information Privacy Manager (CIPM) — Question 232

Which of the following would NOT be beneficial in integrating privacy requirements and representation into functional areas across an organization?

Answer options

• A. Creating a structure that provides a communication chain (formally and informally) that a privacy professional can use in performing key data protection activities.
• B. Creating a governance structure composed of representatives from each business function and geographic region in which the organization has a presence.
• C. Creating a program where the privacy officer (or privacy team) can lead on privacy matters by having exclusive responsibility to execute the privacy mission.
• D. Creating a privacy committee or council composed of various stakeholders.

Correct answer: C

Explanation

Option C is correct because having a single privacy officer with exclusive responsibility can isolate privacy concerns rather than integrating them across the organization. Options A, B, and D promote collaboration and communication, which are essential for effectively embedding privacy practices in all areas of the business.