How are privacy and data protection related to each other?
How are privacy and data protection related to each other?A . Data protection is a subset of privacy. B. Privacy is a subset of data protection. C. The terms ‘privacy’ and ‘data protection’ are interchangeable. D. They are unrelated.View AnswerAnswer: A
Classify the following scenario as major or minor non-conformity.
Classify the following scenario as major or minor non-conformity. “The organization is aware of the PI dealt by it at a broad level based on the business services provided but does not have the detailed view of which business functions, processes or relationships deal with what types of PI including...
Arrange the following techniques in decreasing order of the risk of re-identification:
Arrange the following techniques in decreasing order of the risk of re-identification: I) Pseudonymization II) De-identification III) AnonymizationA . I, II B. III, II, I C. II, III, I D. All have equal risk of re-identificationView AnswerAnswer: C
Classify the following scenario as major or minor non-conformity.
Classify the following scenario as major or minor non-conformity. “The organization has a very mature information security policy. Lately, the organization has realized the need to focus on protection of PI. A formal PI identification exercise was done for this purpose and a mapping of PI and security controls was...
What are the two phases of DSCI Privacy Third Party Assessment?
What are the two phases of DSCI Privacy Third Party Assessment?A . Initial and Detailed B. Primary and Secondary C. Initial and Final D. None of the aboveView AnswerAnswer: C
Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users:
Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users: I) Increase control over their personal data II) Choose whether to use services anonymously or...
The concept of data adequacy is based on the principle of _________.
The concept of data adequacy is based on the principle of _________.A . Adequate compliance B. Dissimilarity of legislations C. Essential equivalence D. Essential assessmentView AnswerAnswer: C
What is the maximum compensation that can be imposed on an organization for negligence in implementing reasonable security practices as defined in Section 43A of ITAA, 2008?
What is the maximum compensation that can be imposed on an organization for negligence in implementing reasonable security practices as defined in Section 43A of ITAA, 2008?A . Uncapped compensation B. 5 crores C. 15 crores or 4% of the global turnover D. 5 lakhsView AnswerAnswer: C
Was the visibility exercise adequately carried out? What gaps did you notice?
CORRECT TEXT FILL BLANK VPI As a starting point, the consultants undertook a visibility exercise to understand the type of personal information (PI) being dealt with within the organization and also by third parties and the scope was to cover all the client relationships (IT services and BPM both) and...
What should be the learning for the company going forward? What should the consultants suggest?
CORRECT TEXT FILL BLANK RCI and PCM Given its global operations, the company is exposed to multiple regulations (privacy related) across the globe and needs to comply mostly through contracts for client relationships and directly for business functions. The corporate legal team is responsible for managing the contracts and understanding,...