Certified Data Privacy Solutions Engineer (CDPSE) — Question 28

Which of the following needs to be identified FIRST to define the privacy requirements to use when assessing the selection of IT systems?

Answer options

• A. Type of data being processed
• B. Applicable control frameworks
• C. Applicable privacy legislation
• D. Available technology platforms

Correct answer: A

Explanation

Identifying the type of data being processed is crucial because it directly influences the privacy requirements that need to be considered for IT systems. The other options, while important, depend on the specific data types and may vary based on the data's nature and sensitivity.