Examice

Exam IIA-CIA-Part3 All QuestionsBrowse all questions from this exam

Question 86

Which of the following data security policies is most likely to be the result of a data privacy law?

Access to personally identifiable information is limited to those who need it to perform their job.

Confidential data must be backed up and recoverable within a 24-hour period.

Updates to systems containing sensitive data must be approved before being moved to production.

A record of employees with access to insider information must be maintained, and those employees may not trade company stock during blackout periods.

Correct Answer: A

Access to personally identifiable information is limited to those who need it to perform their job. Data privacy laws typically focus on the protection and restricted access to personally identifiable information (PII). Limiting access to PII ensures that the data is only available to employees whose job functions require it, which is a direct response to many data privacy regulations aimed at protecting individuals' personal data.

Discussion

DomiiiOption: A

A correct