"Data which cannot be attributed to a particular data subject without use of additional information." Which of the following best describes this statement?
A. Anonymized Data
B. Pseudonymized Data
C. Metadata
Which among the following organizations does not issue a privacy seal?
A. EuroPriSe
B. BBBOnline
C. Transaction Guard
D. WebTrust
As part of the environment scanning to identify security risks to personal information, which of the following environments would be least relevant for the organization?
A. Organization's own environment
B. Service provider's environment
C. Client's environment
D. Government agencies' environment which seek lawful access to personal data
As a privacy assessor, what would most likely be the first artifact you would ask for while assessing an organization which claims that it has implemented a privacy program?
A. Privacy risk management framework
B. Records of privacy specific training imparted to the employees handling personal information
C. Personal information management policy
D. Records of deployed privacy notices and statements
A non-public document issued by a data controller that directs data processors to adhere to certain privacy principles while processing personal information may be referred to as:
A. Privacy Policy
B. Privacy Statement
C. Privacy Notice
D. Security Policy
Which of the following could be considered as triggers for updating privacy policy?
A. Regulatory changes
B. Privacy breach
C. Change in service provider for an established business process
D. Recruitment of more employees
Which of the following activities form part of an organization's Visibility over Personal Information (VPI) initiative, according to DSCI Privacy Framework (DPF??
A. `Data processing environment' analysis of industry peers
B. `Data processing environment' analysis of the country
C. `Data processing environment' analysis of the organization and associated third parties
D. `Data processing environment' analysis of the organization only
With respect to privacy monitoring and incident management process, which of the below should be a part of a standard incident handling process?
I. Incident identification and notification
II. Investigation and remediation
III. Root cause analysis
IV.
User awareness training on how to report incidents Please select the correct option:
A.
I and II
B.
III and IV
C.
I, II and III
D.
All of the above
Which of the following has not been prescribed as a key principle in the White Paper on Data Protection Framework for India, by Justice Shri Krishna Committee?
A. Informed consent
B. Data minimization
C. Horizontal application
D. Preventing harm
As per GDPR, in case a data controller or processor does not have an establishment within EU, then:
A. GDPR does not apply to such controllers or processors
B. They need to set up an establishment in the EU
C. They shall verbally communicate the presence of a representative to the supervisory authority
D. Such controllers or processors need to designate a representative in writing to the Union
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only DSCI exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCPP-01 exam preparations and DSCI certification application, do not hesitate to visit our Vcedump.com to find your solutions here.