Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity's responsibility with regard to assessing an organization's privacy framework?

Posted by: Pdfprep Category: IIA-ACCA Tags: IIA-ACCA exam questions, IIA-ACCA practice exam, CIA Challenge Post Date: February 28, 2021

Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity’s responsibility with regard to assessing an organization’s privacy framework?
A . If an organization does not have a mature privacy framework, the internal audit activity should assist in developing and implementing an appropriate privacy framework.
B . Because the audit committee is ultimately responsible for ensuring that appropriate control processes are in place to mitigate risks associated with personal information, the internal audit activity is
C . required to conduct privacy assessments.
D . The internal audit activity may delegate to nonaudit IT specialists the responsibility of determining whether personal information has been secured adequately and data protection controls are sufficient.
E . The internal audit activity should have appropriate knowledge and competence to conduct an asses …….framework.

Answer: D

Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity’s responsibility with regard to assessing an organization’s privacy framework?

Author

Leave a Reply Cancel reply