U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP CIPM Exam - Topic 6 Question 97 Discussion

A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?
D) Restrict access to the folder.
A) Notify all employees whose information was contained in the file.
B) Check access logs to see who accessed the folder.
C) Notify legal counsel of a privacy incident.

IAPP CIPM Exam - Topic 6 Question 97 Discussion

Actual exam question for IAPP's CIPM exam
Question #: 97
Topic #: 6
[All CIPM Questions]

A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Kristel at Apr 13, 2026, 04:24 AM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Aimee
1 month ago
I think C is important too, gotta involve legal.
upvoted 0 times
...
Katlyn
2 months ago
Definitely D, restricting access is crucial!
upvoted 0 times
...
Chanel
2 months ago
I agree with restricting access first, but I wonder if notifying employees is also necessary. It feels like there are multiple layers to consider here.
upvoted 0 times
...
Rosalia
2 months ago
I practiced a similar question where we had to assess risks. I feel like checking access logs could help understand the impact, but it might not be the immediate step.
upvoted 0 times
...
Jarvis
2 months ago
I'm not entirely sure, but I remember something about notifying legal counsel being important in these situations. Maybe that's a priority too?
upvoted 0 times
...
Vernice
2 months ago
I think the first step should be to restrict access to the folder. It seems like a basic security measure to prevent further exposure.
upvoted 0 times
...

Save Cancel