Certified Data Privacy Solutions Engineer (CDPSE) — Question 84

Which of the following should be the FIRST consideration prior to implementing an audit trail of access to personal data?

Answer options

• A. Vulnerability and threat assessments
• B. Service level agreements (SLAs)
• C. Cost-benefit analysis
• D. Sensitivity and regulatory requirements

Correct answer: C

Explanation

The first consideration should be a cost-benefit analysis to ensure that the resources allocated to creating an audit trail justify the benefits gained from it. While vulnerability assessments, SLAs, and sensitivity requirements are important, they come into play after determining the feasibility and value of implementing the audit trail.