Last Updated on November 16, 2023 by InfraExam
You are a SOC analyst, and your supervisor has asked you to investigate suspicious activity. The team’s threat hunter discovered this activity on a server that stores personal identity information (PII).
Which stakeholder in the organization will you most likely interact with if you need more information about the nature of the PII?
- governance, risk, and compliance
- human resources
- public affairs
|Explanation & Hint:
When dealing with personal identity information (PII) and the nature of that data, the most relevant stakeholder to interact with is typically the governance, risk, and compliance (GRC) team or department within an organization. The GRC team is usually responsible for understanding the specific requirements and regulations related to PII, assessing the risks associated with its management, and ensuring the organization is in compliance with relevant laws and standards.
Here’s why the other options are less likely: