New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CGEIT Exam - Topic 5 Question 9 Discussion

Actual exam question for Isaca's CGEIT exam
Question #: 9
Topic #: 5
[All CGEIT Questions]

A health tech enterprise wants to ensure that its in-house developed mobile app for users complies with data privacy regulations. Which of the following should be identified FIRST when creating an inventory of information systems and data related to the mobile app?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Arlette at May 09, 2022, 11:45 AM

Limited Time Offer

25%

Off

Get Premium CGEIT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Anabel
4 months ago
Not sure if that's the best first step, honestly.
upvoted 0 times
...
Caren
4 months ago
Totally agree, data owners are key!
upvoted 0 times
...
Lyla
4 months ago
Surprised this isn't more straightforward!
upvoted 0 times
...
Jerry
4 months ago
I think vendors and outsourced systems should come first.
upvoted 0 times
...
Terry
5 months ago
Definitely need to start with application and data owners.
upvoted 0 times
...
Kati
5 months ago
I lean towards identifying the application and data owners first. They have the most insight into compliance needs, don’t they?
upvoted 0 times
...
Lashawnda
5 months ago
I practiced a question similar to this, and I feel like understanding the information classification scheme is crucial. But is it the first step?
upvoted 0 times
...
Veronique
5 months ago
I'm not entirely sure, but I remember something about vendors being important too. Maybe we should consider them first?
upvoted 0 times
...
Terry
5 months ago
I think we should start with identifying the application and data owners first. They know what data is being used, right?
upvoted 0 times
...
Dante
5 months ago
Hmm, let me think about this. I know revenue recognition is important, but I'm not totally sure which fields are used in the trigger hierarchy. I'll have to review my notes on that.
upvoted 0 times
...
Hailey
5 months ago
This seems like a straightforward question about site survey considerations for an outdoor bridge. I'm pretty confident I can identify the two correct criteria.
upvoted 0 times
...
Denise
5 months ago
This question seems straightforward, I think I can handle it.
upvoted 0 times
...
Twana
5 months ago
The Wavelength Routing report sounds like the right choice here. That's where I'd expect to find that kind of wavelength information.
upvoted 0 times
...
Erick
5 months ago
Option C looks promising to me. Encrypting the ID values with the service consumer's private key seems like a clever way to avoid the information leakage issue while still maintaining unique IDs.
upvoted 0 times
...

Save Cancel