Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A . Need to comply with breach disclosure laws
B . Fiduciary responsibility to safeguard credit information
C . Need to transfer the risk associated with hosting PII data
D . Need to better understand the risk associated with using PII data

View Answer

Answer: D