Classify the following scenario as major or minor non-conformity.
Classify the following scenario as major or minor non-conformity. “The organization is aware of the PI dealt by it at a broad level based on the business services provided but does not have the detailed view of which business functions, processes or relationships deal with what types of PI including...
What is the maximum compensation that can be imposed on an organization for negligence in implementing reasonable security practices as defined in Section 43A of ITAA, 2008?
What is the maximum compensation that can be imposed on an organization for negligence in implementing reasonable security practices as defined in Section 43A of ITAA, 2008?A . Uncapped compensation B. 5 crores C. 15 crores or 4% of the global turnover D. 5 lakhsView AnswerAnswer: C
What is a Data Subject? (Choose all that apply.)
What is a Data Subject? (Choose all that apply.)A . An individual who provides his/her data/information for availing any service B. An individual who processes the data/information of individuals for providing necessary services C. An individual whose data/information is processed D. A company providing PI of its employees for processing...
The concept of data adequacy is based on the principle of _________.
The concept of data adequacy is based on the principle of _________.A . Adequate compliance B. Dissimilarity of legislations C. Essential equivalence D. Essential assessmentView AnswerAnswer: C
If you were the privacy expert advising the company, what steps would you suggest to realign the existing security monitoring and incident management to address privacy requirements especially those specific to client relationships?
CORRECT TEXT FILL BLANK MIM The company has a well-defined and tested Information security monitoring and incident management process in place. The process has been in place since last 10 years and has matured significantly over a period of time. There is a Security Operations Centre (SOC) to detect security...
In the landmark case _______________ the Honourable Supreme Court of India reaffirmed the status of Right to Privacy as a Fundamental Right under Part III of the constitution.
In the landmark case _______________ the Honourable Supreme Court of India reaffirmed the status of Right to Privacy as a Fundamental Right under Part III of the constitution.A . M. P. Sharma and others vs. Satish Chandra, District Magistrate, Delhi, and others B. Maneka Gandhi vs. Union of India C....
Which of the following statements is true with respect to organization’s privacy training and awareness program?
Which of the following statements is true with respect to organization’s privacy training and awareness program?A . It should define roles and responsibilities of personnel in privacy function B. It should cover employees of service provider dealing with personal information C. It should necessarily cover officials from Law Enforcement Agencies...
Which of the following are classified as Sensitive Personal Data or Information under Section 43A of ITAA, 2008? (Choose all that apply.)
Which of the following are classified as Sensitive Personal Data or Information under Section 43A of ITAA, 2008? (Choose all that apply.)A . Password B. Financial information C. Sexual orientation D. Caste and religious beliefs E. Biometric information F. Medical records and historyView AnswerAnswer: A,B,E,F
Classify the following scenario as major or minor non-conformity.
Classify the following scenario as major or minor non-conformity. “The organization has a very mature information security policy. Lately, the organization has realized the need to focus on protection of PI. A formal PI identification exercise was done for this purpose and a mapping of PI and security controls was...
This an imperative of which DPF practice area?
Create an inventory of the specific contractual terms that explicitly mention the data protection requirements. This an imperative of which DPF practice area?A . Visibility over Personal Information (VPI) B. Information Usage and Access (IUA) C. Privacy Contract Management (PCM) D. Regulatory Compliance Intelligence (RCI)View AnswerAnswer: C