During the design of a role-based user access model for a new application, which of the following principles is MOST important to ensure data privacy is protected?

• A.Need-to-know basis
• B.Unique user credentials
• C.Segregation of duties
• D.Two-person rule

Comment: *

Name: *

Email: *

Verification: *

Of the following, who should be PRIMARILY accountable for creating an organization's privacy management strategy?

• A.Chief data officer (CDO)
• B.Privacy steering committee
• C.Information security steering committee
• D.Chief privacy officer (CPO)

Comment: *

Name: *

Email: *

Verification: *

In which of the following should the data record retention period be defined and established?

• A.Data recovery procedures
• B.Data quality standard
• C.Data record model
• D.Data management plan

Comment: *

Name: *

Email: *

Verification: *

How can an organization BEST ensure its vendors are complying with data privacy requirements defined in their contracts?

• A.Compare contract requirements against vendor deliverables.
• B.Obtain independent assessments of the vendors' data management processes.
• C.Review self-attestations of compliance provided by vendor management.
• D.Perform penetration tests of the vendors' data security.

Comment: *

Name: *

Email: *

Verification: *

Which of the following describes a user's "right to be forgotten"?

• A.The data is no longer required for the purpose originally collected.
• B.The data is being used to comply with legal obligations or the public interest.
• C.The individual objects despite legitimate grounds for processing.
• D.The individual's legal residence status has recently changed.

Comment: *

Name: *

Email: *

Verification: *