December 23, 2021 by Admin
An information security manager is asked to provide evidence that the organization is fulfilling its legal obligation to protect personally identifiable information (PII).
Which of the following would be MOST helpful for this purpose?
- Metrics related to program effectiveness
- Written policies and standards
- Privacy awareness training
- Risk assessments of privacy-related applications