Question 2
Domain 1 — Privacy Governance and Program ManagementPrivacy governance is most concerned with:
Correct answer: A
Explanation
Privacy governance focuses on how an organization directs and oversees privacy through policies, accountability, and decision-making. Privacy strategy fits this because governance is about setting the framework for privacy management, not just handling individual data requests or incidents.
Why each option is right or wrong
A. Privacy strategy
Privacy governance is the oversight layer that sets direction, assigns accountability, and establishes the policies and controls by which privacy is managed across the organization. In this question, the best match is the organization’s privacy strategy, because governance concerns the framework for decision-making and oversight rather than operational handling of individual requests, incidents, or records.
B. Security policy
Security policy defines security rules and controls, but privacy governance is broader and privacy-specific.
C. Security executive compensation
Executive compensation is an HR incentive topic, not a core privacy oversight mechanism.
D. Privacy policy
Privacy policy is one governance artifact, but governance is the overall strategic oversight function.