Certified Information Privacy Manager (CIPM) — Question 91

Which of the following best supports implementing controls to bring privacy policies into effect?

Answer options

• A. The internal audit department establishing the audit controls which test for policy effectiveness.
• B. The legal department or outside counsel conducting a thorough review of the privacy program and policies.
• C. The Chief Information Officer as part of the Senior Management Team creating enterprise privacy policies to ensure controls are available.
• D. The information technology (IT) group supporting and enhancing the privacy program and privacy policy by developing processes and controls.

Correct answer: D

Explanation

The correct answer is D because the IT group plays a crucial role in developing the necessary processes and controls to support privacy programs. Options A and B focus on auditing and legal reviews, which are important but do not directly implement the controls. Option C involves policy creation but lacks the operational aspect of enhancing privacy through practical IT solutions.