Certified Information Systems Security Professional (CISSP) — Question 165

The principle that personally identifiable information (PII) should be kept up-to-date and relevant to the purposes for which they are to be used is attributed to which fair information practice per the United States (US) Organization for Economic Cooperation and Development (OECD)?

Answer options

• A. Purpose Specification
• B. Security Safeguards
• C. Collection Limitation
• D. Data Quality

Correct answer: D

Explanation

The correct answer is D, Data Quality, which emphasizes the need for PII to be accurate and relevant. A, Purpose Specification, focuses on the reasons for collecting data, B, Security Safeguards, relates to protecting data, and C, Collection Limitation, deals with the amount and type of data collected, none of which directly addresses the currency and relevance of data.