Can you please guide the information security function to realign company’s security initiatives to include privacy protection, keeping in mind that the client security requirements would vary across relationships?

CORRECT TEXT FILL BLANK PIS The company has a well-defined and effectively implemented security policy. As in case of access control, the security controls vary in different client relationships based on the client requirements but certain basic or hygiene security practices / controls are implemented organization wide. The consultants have...

July 22, 2023 No Comments READ MORE +

Was the visibility exercise adequately carried out? What gaps did you notice?

CORRECT TEXT FILL BLANK VPI As a starting point, the consultants undertook a visibility exercise to understand the type of personal information (PI) being dealt with within the organization and also by third parties and the scope was to cover all the client relationships (IT services and BPM both) and...

July 22, 2023 No Comments READ MORE +

Assuming you have been tasked to deploy this framework for the bank, which of the following would most likely be your first step?

XYZ bank has recently decided to start offering online banking services. For doing so, the bank has outsourced its IT operations and processes to various third parties. Acknowledging privacy concerns, bank has decided to implement a privacy program. Assuming you have been tasked to deploy this framework for the bank,...

July 19, 2023 No Comments READ MORE +

Which of the following does the ‘Privacy Strategy & Processes’ layer in the DPF help accomplish? (Choose all that apply.)

Which of the following does the ‘Privacy Strategy & Processes’ layer in the DPF help accomplish? (Choose all that apply.)A . Visibility over Personal Information B. Privacy Policy and Processes C. Regulatory Compliance Intelligence D. Information Usage and Access E. Personal Information SecurityView AnswerAnswer: A,B,D,E

July 18, 2023 No Comments READ MORE +

How are privacy and data protection related to each other?

How are privacy and data protection related to each other?A . Data protection is a subset of privacy. B. Privacy is a subset of data protection. C. The terms ‘privacy’ and ‘data protection’ are interchangeable. D. They are unrelated.View AnswerAnswer: A

July 15, 2023 No Comments READ MORE +

Which of the following would be the most critical factor for the review process?

A newly appointed Data Protection officer is reviewing the organization’s existing privacy policy. Which of the following would be the most critical factor for the review process?A . Awareness of the business units about the privacy policy B. Changes in the legal/regulatory regime C. Privacy policies of industry peers D....

July 15, 2023 No Comments READ MORE +

Which of the following are the key factors that need to be considered for determining the applicability of the privacy principles? (Choose all that apply.)

Which of the following are the key factors that need to be considered for determining the applicability of the privacy principles? (Choose all that apply.)A . The role of the organization in determining the purpose of the data collection B. How and where the data is coming in the organization...

July 15, 2023 No Comments READ MORE +

This an imperative of which DPF practice area?

‘Map the legal and compliance requirements to each data element that an organization is dealing with in all of its business processes, enterprise and operational functions, and client relationships.’ This an imperative of which DPF practice area?A . Visibility over Personal Information (VPI) B. Privacy Organization and Relationship (POR) C....

July 14, 2023 No Comments READ MORE +

What are the two phases of DSCI Privacy Third Party Assessment?

What are the two phases of DSCI Privacy Third Party Assessment?A . Initial and Detailed B. Primary and Secondary C. Initial and Final D. None of the aboveView AnswerAnswer: A

July 14, 2023 No Comments READ MORE +

What should be the learning for the company going forward? What should the consultants suggest?

CORRECT TEXT FILL BLANK RCI and PCM Given its global operations, the company is exposed to multiple regulations (privacy related) across the globe and needs to comply mostly through contracts for client relationships and directly for business functions. The corporate legal team is responsible for managing the contracts and understanding,...

July 13, 2023 No Comments READ MORE +