Certified Information Privacy Manager (CIPM) — Question 41

Which statement is FALSE regarding the use of technical security controls?

Answer options

• A. Technical security controls are part of a data governance strategy.
• B. Technical security controls deployed for one jurisdiction often satisfy another jurisdiction.
• C. Most privacy legislation lists the types of technical security controls that must be implemented.
• D. A person with security knowledge should be involved with the deployment of technical security controls.

Correct answer: C

Explanation

Option C is correct because not all privacy legislation explicitly outlines the specific types of technical security controls that must be applied; this can vary widely. Options A, B, and D are accurate statements, as technical controls are indeed part of data governance, can often be applicable across jurisdictions, and require knowledgeable personnel for effective implementation.