CISA - Governance and Management of IT - Section 2.1

Evaluate privacy programs and principles together with data governance and classification practices.

Define core privacy principles - such as purpose limitation, data minimisation and individual rights - and explain how a privacy programme operationalises them. Evaluate data governance and data classification practices to determine whether sensitive information is identified, labelled and handled appropriately.

Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.