Hacker News
by hayst4ck 1282 days ago
And if an organization wants to know, then they must make a single individual responsible. "Organizational responsibility" means that no one is responsible.

It is important to have one person know the answer, rather than making your devs "guess" the answer. "The devs we asked said there wasn't misuse of PII" is not at all a good guarantee that PII is not abused or lost.

The organization cannot know unless there is an individual who knows.