The IT risk management team’s FIRST course of action should be to:

Last Updated on December 10, 2021 by Admin 2

An enterprise learns that a new privacy regulation was recently published to protect customers in the event of a breach involving personally identifiable information (PII). The IT risk management team’s FIRST course of action should be to:

  • evaluate the risk appetite for the new regulation.
  • determine if the new regulation introduces new risk.
  • assign a risk owner for the new regulation.
  • define the risk tolerance for the new regulation.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments