Which of the following is the GREATEST concern for an organization subject to cross-border data transfer regulations when using a cloud service provider to store and process data?

• A.The extent of the service provider's access to data has not been established.
• B.The data is stored in a region with different data protection requirements.
• C.The service provider has denied the organization's request for right to audit.
• D.Personal data stored on the cloud has not been anonymized.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to limit the organization's potential exposure in the event of consumer data loss while maintaining the traceability of the data?

• A.Require a digital signature.
• B.De-identify the data.
• C.Use a unique hashing algorithm.
• D.Encrypt the data at rest.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to distinguish between a privacy risk and compliance risk?

• A.Conduct a privacy risk remediation exercise.
• B.Validate a privacy risk attestation.
• C.Conduct a privacy risk assessment.
• D.Perform a privacy risk audit.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY consideration to ensure control of remote access is aligned to the privacy policy?

• A.Access is only granted to authorized users.
• B.Active remote access is monitored.
• C.Multi-factor authentication is enabled.
• D.Access is logged on the virtual private network (VPN).

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY reason to complete a privacy impact assessment (PIA)?

• A.To classify personal data
• B.To establish privacy breach response procedures
• C.To comply with consumer regulatory requirements
• D.To understand privacy risks

Comment: *

Name: *

Email: *

Verification: *