CIPM V2

What is the main function of the Asia-Pacific Economic Cooperation Privacy Framework?A . Enabling regional data transfers.B . Protecting data from parties outside the region.C . Establishing legal requirements for privacy protection in the region.D . Marketing privacy protection technologies developed in the region.View AnswerAnswer: A Explanation: The main function...

Formosa International operates in 20 different countries including the United States and France. What organizational approach would make complying with a number of different regulations easier?A . Data mapping.B . Fair Information Practices.C . Rationalizing requirements.D . Decentralized privacy management.View AnswerAnswer: C Explanation: Rationalizing requirements is an organizational approach that...

In which situation would a Privacy Impact Assessment (PIA) be the least likely to be required?A . If a company created a credit-scoring platform five years ago.B . If a health-care professional or lawyer processed personal data from a patient's file.C . If a social media company created a new...

SCENARIO Please use the following to answer the next QUESTION: It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer...

What should a privacy professional keep in mind when selecting which metrics to collect?A . Metrics should be reported to the public.B . The number of metrics should be limited at first.C . Metrics should reveal strategies for increasing company earnings.D . A variety of metrics should be collected before...

What is the best way to understand the location, use and importance of personal data within an organization?A . By analyzing the data inventory.B . By testing the security of data systems.C . By evaluating methods for collecting data.D . By interviewing employees tasked with data entry.View AnswerAnswer: C Explanation:...

What are you doing if you succumb to "overgeneralization" when analyzing data from metrics?A . Using data that is too broad to capture specific meanings.B . Possessing too many types of data to perform a valid analysis.C . Using limited data in an attempt to support broad conclusions.D . Trying...

SCENARIO Please use the following to answer the next QUESTION: Natalia, CFO of the Nationwide Grill restaurant chain, had never seen her fellow executives so anxious. Last week, a data processing firm used by the company reported that its system may have been hacked, and customer data such as names,...

What should be the first major goal of a company developing a new privacy program?A . To survey potential funding sources for privacy team resources.B . To schedule conversations with executives of affected departments.C . To identify potential third-party processors of the organization's information.D . To create Data Lifecycle Management...

Which of the following best describes proper compliance for an international organization using Binding Corporate Rules (BCRs) as a controller or processor?A . Employees must sign an ad hoc contractual agreement each time personal data is exported.B . All employees are subject to the rules in their entirety, regardless of...