A multinational corporation with operations in several countries is working to ensure compliance with global data protection regulations. What is the most appropriate action for the company to take in order to maintain compliance with the diverse set of regulations concerning user data privacy?
Create a data retention policy that focuses on adhering to the least restrictive data protection standards to ensure ease of data flow.
Delegate the responsibility for compliance with data protection laws to the IT department of each local office.
Establish a data governance framework that complies with the highest standard among the international data protection regulations.
Set up an external compliance team dedicated to each region to handle region-specific data privacy laws.
|Security Program Management and Oversight
|Threats, Vulnerabilities, and Mitigations
|General Security Concepts