Question 18
Domain 1: Data Collection, Use, Dissemination, and DestructionWhich NIST privacy engineering objective is mainly about allowing reliable administration of personal data, including granular change and deletion?
Correct answer: B
Explanation
NIST defines Manageability as the privacy engineering objective focused on controlling personal data throughout its lifecycle, including "granular change and deletion." It supports reliable administration of personal data by enabling precise updates, removal, and other management actions.
Why each option is right or wrong
A. Dissociability
B. Manageability
NIST SP 800-37 and the NIST Privacy Framework identify Manageability as the objective concerned with administering personal data in a controlled way across its lifecycle, including precise modification and removal. In the NIST Privacy Engineering Framework, this is the objective that supports reliable operational handling of data subjects’ records, with granular change and deletion as explicit examples of the control expected.
C. Availability
D. Nonrepudiation