medium
Single Answer
0Joshua’s organization is required to comply with the EU’s GDPR. As part of their annual assessments, they conduct a GDPR compliance review and receive a report from their audi- tors. What type of assessment is this?
Answer Options
A
A penetration test
B
A regulatory assessment
C
An internal audit
D
An attestation-based assessment
Correct Answer: B
Explanation
The GDPR is a regulation, making this a regulatory assessment or audit. There is no pene- tration testing mentioned, the auditors are not described as internal or external, and no attes- tation is mentioned.