As a privacy assessor, what would most likely be the first artifact you would ask for while assessing an organization which claims that it has implemented a privacy program?
A.
Privacy risk management framework
B.
Records of privacy specific training imparted to the employees handling personal information
C.
Personal information management policy
D.
Records of deployed privacy notices and statements
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit