CISSP Practice Question (Domain 1: Security and Risk Management)
Your organization is expanding into a country that requires all citizen data to be stored within its borders. The legal team recommends immediate compliance, but the existing cloud architecture uses a single global tenant. What should you do FIRST? A. Negotiate a regulatory exception with the host country's data authority B. Conduct a data sovereignty impact assessment against current architecture C. Migrate all citizen data to an in-country data center immediately D. Update the privacy policy to disclose cross-border data transfers Come back for the answer tomorrow, or study more now!