Which of the following should be done FIRST to establish privacy to design when developing a contact-tracing application?

• A.Conduct a privacy impact assessment (PIA).
• B.Conduct a development environment review.
• C.Identify privacy controls for the application.
• D.Identify differential privacy techniques.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY reason that organizations need to map the data flows of personal data?

• A.To assess privacy risks
• B.To evaluate effectiveness of data controls
• C.To determine data integration gaps
• D.To comply with regulations

Comment: *

Name: *

Email: *

Verification: *

A global organization is planning to implement a customer relationship management (CRM) system to be used in offices based in multiple countries. Which of the following is the MOST important data protection consideration for this project?

• A.Encryption algorithms for securing customer personal data at rest and in transit
• B.National data privacy legislative and regulatory requirements in each relevant jurisdiction
• C.Industry best practice related to information security standards in each relevant jurisdiction
• D.Identity and access management mechanisms to restrict access based on need to know

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the FIRST consideration when conducting a privacy impact assessment (PIA)?

• A.The applicable privacy legislation
• B.The systems in which privacy-related data is stored
• C.The quantity of information within the scope of the assessment
• D.The organizational security risk profile

Comment: *

Name: *

Email: *

Verification: *

Which of the following should an IT privacy practitioner review FIRST to understand where personal data is coming from and how it is used within the organization?

• A.Data process flow diagrams
• B.Data inventory
• C.Data classification
• D.Data collection standards

Comment: *

Name: *

Email: *

Verification: *