Certified Information Privacy Professional – Europe (CIPP/E) — Question 57

Read the following steps:
Discover which employees are accessing cloud services and from which devices and apps
Lock down the data in those apps and devices
Monitor and analyze the apps and devices for compliance

Manage application life cycles -

Monitor data sharing -
An organization should perform these steps to do which of the following?

Answer options

• A. Pursue a GDPR-compliant Privacy by Design process.
• B. Institute a GDPR-compliant employee monitoring process.
• C. Maintain a secure Bring Your Own Device (BYOD) program.
• D. Ensure cloud vendors are complying with internal data use policies.

Correct answer: C

Explanation

The correct answer is C because the steps outlined focus on securing devices and apps used by employees, which is essential for a successful BYOD program. Options A and B relate to GDPR compliance but do not specifically address BYOD security. Option D pertains to vendor compliance rather than internal device management.