Exam CIPM topic 1 question 46 discussion

A C & D are important considerations while rationalizing requirements

It's D. When rationalizing privacy requirements to comply with various applicable laws and regulations, the main focus is typically on harmonizing shared obligations and privacy rights, implementing solutions that address shared needs, and applying the strictest standards to ensure compliance without violating other laws. Option D suggests handling "outliers" (requirements that are unique to specific jurisdictions or laws) on a case-by-case basis, which is not a rational approach for aligning privacy requirements. Ideally, privacy programs aim for consistency and scalability by harmonizing common obligations and addressing any outliers through strategic planning, rather than ad hoc or case-by-case solutions.

harmonising to me is like taking a middle ground by only considering commonalities of various laws which is not a correct approach.

A - it is not possible to harmonise different legislative frameworks. Instead, materially address all that apply, by applying the strictest standard, and treat outliers on a case-by-case basis

Correct Answer is A

C is another approach

The answer is A. all other answers are included in the CIPM book under rationalisation. C as mentioned by others is incorrect. From cipm book - Another approach organizations employ, when possible, is to look to the strictest standard when seeking a solution, provided it does not violate any data privacy laws, exceed budgetary restrictions, or contradict organization goals and objectives.

C is correct

C is correct

Rationalizing requirements primarily involves understanding and organizing the myriad obligations from different legislations and regulations, finding commonalities, and creating a unified approach that can meet the standards across the board. While implementing solutions is an outcome or a step post the rationalization process, it is not a direct part of the rationalization itself.