Acme Corp has selectively outsourced proprietary business processes to ABC Services. Due to some technical
issues, ABC services wants to send some of Acme Corp’s debug data to a third party vendor for problem
resolution. Which of the following MUST be considered prior to sending data to a third party?

A.
The data should be encrypted prior to transport

B.
This would not constitute unauthorized data sharing

C.
This may violate data ownership and non-disclosure agreements

D.
Acme Corp should send the data to ABC Services’ vendor instead

Explanation:
With sending your data to a third party is already a risk since the third party may have a different policy than
yours. Data ownership and non-disclosure is already a risk that you will have to accept since the data will be
sent for debugging /troubleshooting purposes which will result in definite disclosure of the data.