The first step for an IT privacy practitioner following a decision to expand remote working capability is to evaluate the impact resulting from this change on the organization’s privacy policies, programs and practices. This will help identify the risks and gaps that need to be addressed, as well as the opportunities for improvement and optimization. The other options are possible actions that may be taken after the impact assessment, depending on the results and recommendations.
[References:, CDPSE Exam Content Outline, Domain 1 – Privacy Governance (Governance, Management & Risk Management), Task 1: Identify issues requiring remediation and opportunities for process improvement1., CDPSE Review Manual, Chapter 1 – Privacy Governance, Section 1.3 – Privacy Impact Assessment (PIA)2., ]
Submit