Within a business continuity plan (BCP), which of the following is the MOST important consideration to ensure the ability to restore availability and access to personal data in the event of a data privacy incident?

• A.Offline backup availability
• B.Recovery point objective (RPO)
• C.Online backup frequency
• D.Recovery time objective (RTO)

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be established FIRST before authorizing remote access to a data store containing personal data?

• A.Privacy policy
• B.Multi-factor authentication
• C.Virtual private network (VPN)
• D.Network security standard

Comment: *

Name: *

Email: *

Verification: *

During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?

• A.Production
• B.User acceptance testing (UAT)
• C.Development
• D.Functional testing

Comment: *

Name: *

Email: *

Verification: *

A global financial institution is implementing data masking technology to protect personal data used for testing purposes in non-production environments. Which of the following is the GREATEST challenge in this situation?

• A.Complex relationships within and across systems must be retained for testing.
• B.Data masking tools are complex and difficult to implement.
• C.Access to personal data is not strictly controlled in development and testing environments.
• D.Personal data across the various interconnected systems cannot be easily identified.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a responsibility of the audit function in helping an organization address privacy compliance requirements?

• A.Approving privacy impact assessments (PIAs)
• B.Managing privacy notices provided to customers
• C.Validating the privacy framework
• D.Establishing employee privacy rights and consent

Comment: *

Name: *

Email: *

Verification: *