Question 6
Domain 3: Privacy, Data Stewardship, and User RightsA company is planning a new feature that will collect and use customer information in a different way than existing services. To address privacy risks in cross-functional business decision-making, which group should be coordinated as part of the review?
Correct answer: B
Explanation
Privacy risks in business decisions should be addressed through coordination among legal, compliance, security, data, and product teams rather than by a single function acting alone. — Coordinate privacy considerations among legal, compliance, security, data, and product teams.
Why each option is right or wrong
A. Only the product team and security team should review the feature before launch.
Privacy coordination includes legal, compliance, data, and product teams in addition to security.
B. Legal, compliance, security, data, and product teams should coordinate the privacy review.
The source material states that privacy considerations should be coordinated among legal, compliance, security, data, and product teams. Because the feature changes how customer information will be collected and used, the full cross-functional group identified in the material is the appropriate review set.
C. Only the legal and compliance teams need to approve the privacy impact of the feature.
Privacy coordination also includes security, data, and product teams.
D. The data team can assess the change independently and inform other teams later if needed.
Privacy considerations are coordinated among multiple business functions, not handled by the data team alone.