{"id":104511,"date":"2025-06-14T06:41:05","date_gmt":"2025-06-14T06:41:05","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=104511"},"modified":"2025-09-22T06:44:21","modified_gmt":"2025-09-22T06:44:21","slug":"iapp-cipm-free-dumps-part-2-q41-q80-of-v14-02-prepare-confidently-with-dumpsbase","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/iapp-cipm-free-dumps-part-2-q41-q80-of-v14-02-prepare-confidently-with-dumpsbase.html","title":{"rendered":"IAPP CIPM Free Dumps (Part 2, Q41-Q80) of V14.02: Prepare Confidently with DumpsBase"},"content":{"rendered":"<p>We can be sure that you can prepare confidently for the Certified Information Privacy Manager (CIPM) certification exam with DumpsBase. Our CIPM dumps (V14.02) are available with comprehensive questions and answers, ensuring your success in the actual exam on the first attempt. All these questions and answers are perfect for you to practice. You can have a PDF file and a free testing engine to practice them thoroughly. Additionally, you can have free demos to check the quality. Before, we shared the <a href=\"https:\/\/www.dumpsbase.com\/freedumps\/updated-cipm-dumps-v14-02-with-cipm-free-dumps-part-1-q1-q40-remove-your-anxiety-and-help-you-pass-the-certified-information-privacy-manager-cipm-exam.html\"><em><strong>CIPM free dumps (Part 1, Q1-Q40)<\/strong><\/em><\/a> online. To help you check more, today we will continue to share the CIPM free dumps (Part 2, Q41-Q80) of V14.02.<\/p>\n<h2>Start reading the <em><span style=\"background-color: #00ffff;\">CIPM free dumps (Part 2, Q41-Q80) of V14.02 below<\/span><\/em>:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam9661\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-9661\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-9661\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-385952'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>As the Director of data protection for Consolidated Records Corporation, you are justifiably pleased with your accomplishments so far. Your hiring was precipitated by warnings from regulatory agencies following a series of relatively minor data breaches that could easily have been worse. However, you have not had a reportable incident for the three years that you have been with the company. In fact, you consider your program a model that others in the data storage industry may note in their own program development. <br \/>\r<br>You started the program at Consolidated from a jumbled mix of policies and procedures and worked toward coherence across departments and throughout operations. You were aided along the way by the program's sponsor, the vice president of operations, as well as by a Privacy Team that started from a clear understanding of the need for change. <br \/>\r<br>Initially, your work was greeted with little confidence or enthusiasm by the company's &quot;old guard&quot; among both the executive team and frontline personnel working with data and interfacing with clients. Through the use of metrics that showed the costs not only of the breaches that had occurred, but also projections of the costs that easily could occur given the current state of operations, you soon had the leaders and key decision-makers largely on your side. Many of the other employees were more resistant, but face-to-face meetings with each department and the development of a baseline privacy training program achieved sufficient &quot;buy-in&quot; to begin putting the proper procedures into place. <br \/>\r<br>Now, privacy protection is an accepted component of all current operations involving personal or protected data and must be part of the end product of any process of technological development. While your approach is not systematic, it is fairly effective. <br \/>\r<br>You are left contemplating: <br \/>\r<br>What must be done to maintain the program and develop it beyond just a data breach prevention <br \/>\r<br>program? How can you build on your success? <br \/>\r<br>What are the next action steps? <br \/>\r<br>What stage of the privacy operational life cycle best describes Consolidated's current privacy program?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='385952' \/><input type='hidden' id='answerType385952' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385952[]' id='answer-id-1501232' class='answer   answerof-385952 ' value='1501232'   \/><label for='answer-id-1501232' id='answer-label-1501232' class=' answer'><span>Assess.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385952[]' id='answer-id-1501233' class='answer   answerof-385952 ' value='1501233'   \/><label for='answer-id-1501233' id='answer-label-1501233' class=' answer'><span>Protect.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385952[]' id='answer-id-1501234' class='answer   answerof-385952 ' value='1501234'   \/><label for='answer-id-1501234' id='answer-label-1501234' class=' answer'><span>Respond.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385952[]' id='answer-id-1501235' class='answer   answerof-385952 ' value='1501235'   \/><label for='answer-id-1501235' id='answer-label-1501235' class=' answer'><span>Sustain.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-385953'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>As the Director of data protection for Consolidated Records Corporation, you are justifiably pleased with your accomplishments so far. Your hiring was precipitated by warnings from regulatory agencies following a series of relatively minor data breaches that could easily have been worse. However, you have not had a reportable incident for the three years that you have been with the company. In fact, you consider your program a model that others in the data storage industry may note in their own program development. <br \/>\r<br>You started the program at Consolidated from a jumbled mix of policies and procedures and worked toward coherence across departments and throughout operations. You were aided along the way by the program's sponsor, the vice president of operations, as well as by a Privacy Team that started from a clear understanding of the need for change. <br \/>\r<br>Initially, your work was greeted with little confidence or enthusiasm by the company's &quot;old guard&quot; among both the executive team and frontline personnel working with data and interfacing with clients. Through the use of metrics that showed the costs not only of the breaches that had occurred, but also projections of the costs that easily could occur given the current state of operations, you soon had the leaders and key decision-makers largely on your side. Many of the other employees were more resistant, but face-to-face meetings with each department and the development of a baseline privacy training program achieved sufficient &quot;buy-in&quot; to begin putting the proper procedures into place. <br \/>\r<br>Now, privacy protection is an accepted component of all current operations involving personal or protected data and must be part of the end product of any process of technological development. While your approach is not systematic, it is fairly effective. <br \/>\r<br>You are left contemplating: <br \/>\r<br>What must be done to maintain the program and develop it beyond just a data breach prevention <br \/>\r<br>program? How can you build on your success? <br \/>\r<br>What are the next action steps? <br \/>\r<br>What practice would afford the Director the most rigorous way to check on the program's compliance with laws, regulations and industry best practices?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='385953' \/><input type='hidden' id='answerType385953' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385953[]' id='answer-id-1501236' class='answer   answerof-385953 ' value='1501236'   \/><label for='answer-id-1501236' id='answer-label-1501236' class=' answer'><span>Auditing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385953[]' id='answer-id-1501237' class='answer   answerof-385953 ' value='1501237'   \/><label for='answer-id-1501237' id='answer-label-1501237' class=' answer'><span>Monitoring.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385953[]' id='answer-id-1501238' class='answer   answerof-385953 ' value='1501238'   \/><label for='answer-id-1501238' id='answer-label-1501238' class=' answer'><span>Assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385953[]' id='answer-id-1501239' class='answer   answerof-385953 ' value='1501239'   \/><label for='answer-id-1501239' id='answer-label-1501239' class=' answer'><span>Forensics.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-385954'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>As the Director of data protection for Consolidated Records Corporation, you are justifiably pleased with your accomplishments so far. Your hiring was precipitated by warnings from regulatory agencies following a series of relatively minor data breaches that could easily have been worse. However, you have not had a reportable incident for the three years that you have been with the company. In fact, you consider your program a model that others in the data storage industry may note in their own program development. <br \/>\r<br>You started the program at Consolidated from a jumbled mix of policies and procedures and worked toward coherence across departments and throughout operations. You were aided along the way by the program's sponsor, the vice president of operations, as well as by a Privacy Team that started from a clear understanding of the need for change. <br \/>\r<br>Initially, your work was greeted with little confidence or enthusiasm by the company's &quot;old guard&quot; among both the executive team and frontline personnel working with data and interfacing with clients. Through the use of metrics that showed the costs not only of the breaches that had occurred, but also projections of the costs that easily could occur given the current state of operations, you soon had the leaders and key decision-makers largely on your side. Many of the other employees were more resistant, but face-to-face meetings with each department and the development of a baseline privacy training program achieved sufficient &quot;buy-in&quot; to begin putting the proper procedures into place. <br \/>\r<br>Now, privacy protection is an accepted component of all current operations involving personal or protected data and must be part of the end product of any process of technological development. While your approach is not systematic, it is fairly effective. <br \/>\r<br>You are left contemplating: <br \/>\r<br>What must be done to maintain the program and develop it beyond just a data breach prevention <br \/>\r<br>program? How can you build on your success? <br \/>\r<br>What are the next action steps? <br \/>\r<br>What analytic can be used to track the financial viability of the program as it develops?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='385954' \/><input type='hidden' id='answerType385954' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385954[]' id='answer-id-1501240' class='answer   answerof-385954 ' value='1501240'   \/><label for='answer-id-1501240' id='answer-label-1501240' class=' answer'><span>Cost basis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385954[]' id='answer-id-1501241' class='answer   answerof-385954 ' value='1501241'   \/><label for='answer-id-1501241' id='answer-label-1501241' class=' answer'><span>Gap analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385954[]' id='answer-id-1501242' class='answer   answerof-385954 ' value='1501242'   \/><label for='answer-id-1501242' id='answer-label-1501242' class=' answer'><span>Return to investment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385954[]' id='answer-id-1501243' class='answer   answerof-385954 ' value='1501243'   \/><label for='answer-id-1501243' id='answer-label-1501243' class=' answer'><span>Breach impact modeling.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-385955'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>As the Director of data protection for Consolidated Records Corporation, you are justifiably pleased with your accomplishments so far. Your hiring was precipitated by warnings from regulatory agencies following a series of relatively minor data breaches that could easily have been worse. However, you have not had a reportable incident for the three years that you have been with the company. In fact, you consider your program a model that others in the data storage industry may note in their own program development. <br \/>\r<br>You started the program at Consolidated from a jumbled mix of policies and procedures and worked toward coherence across departments and throughout operations. You were aided along the way by the program's sponsor, the vice president of operations, as well as by a Privacy Team that started from a clear understanding of the need for change. <br \/>\r<br>Initially, your work was greeted with little confidence or enthusiasm by the company's &quot;old guard&quot; among both the executive team and frontline personnel working with data and interfacing with clients. Through the use of metrics that showed the costs not only of the breaches that had occurred, but also projections of the costs that easily could occur given the current state of operations, you soon had the leaders and key decision-makers largely on your side. Many of the other employees were more resistant, but face-to-face meetings with each department and the development of a baseline privacy training program achieved sufficient &quot;buy-in&quot; to begin putting the proper procedures into place. <br \/>\r<br>Now, privacy protection is an accepted component of all current operations involving personal or protected data and must be part of the end product of any process of technological development. While your approach is not systematic, it is fairly effective. <br \/>\r<br>You are left contemplating: <br \/>\r<br>What must be done to maintain the program and develop it beyond just a data breach prevention <br \/>\r<br>program? How can you build on your success? <br \/>\r<br>What are the next action steps? <br \/>\r<br>What process could most effectively be used to add privacy protections to a new, comprehensive program being developed at Consolidated?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='385955' \/><input type='hidden' id='answerType385955' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385955[]' id='answer-id-1501244' class='answer   answerof-385955 ' value='1501244'   \/><label for='answer-id-1501244' id='answer-label-1501244' class=' answer'><span>Privacy by Design.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385955[]' id='answer-id-1501245' class='answer   answerof-385955 ' value='1501245'   \/><label for='answer-id-1501245' id='answer-label-1501245' class=' answer'><span>Privacy Step Assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385955[]' id='answer-id-1501246' class='answer   answerof-385955 ' value='1501246'   \/><label for='answer-id-1501246' id='answer-label-1501246' class=' answer'><span>Information Security Planning.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385955[]' id='answer-id-1501247' class='answer   answerof-385955 ' value='1501247'   \/><label for='answer-id-1501247' id='answer-label-1501247' class=' answer'><span>Innovation Privacy Standards.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-385956'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Which of the following indicates you have developed the right privacy framework for your organization?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='385956' \/><input type='hidden' id='answerType385956' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385956[]' id='answer-id-1501248' class='answer   answerof-385956 ' value='1501248'   \/><label for='answer-id-1501248' id='answer-label-1501248' class=' answer'><span>It includes a privacy assessment of each major system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385956[]' id='answer-id-1501249' class='answer   answerof-385956 ' value='1501249'   \/><label for='answer-id-1501249' id='answer-label-1501249' class=' answer'><span>It improves the consistency of the privacy program.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385956[]' id='answer-id-1501250' class='answer   answerof-385956 ' value='1501250'   \/><label for='answer-id-1501250' id='answer-label-1501250' class=' answer'><span>It works at a different type of organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385956[]' id='answer-id-1501251' class='answer   answerof-385956 ' value='1501251'   \/><label for='answer-id-1501251' id='answer-label-1501251' class=' answer'><span>It identifies all key stakeholders by name.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-385957'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Rationalizing requirements in order to comply with the various privacy requirements required by applicable law and regulation does NOT include which of the following?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='385957' \/><input type='hidden' id='answerType385957' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385957[]' id='answer-id-1501252' class='answer   answerof-385957 ' value='1501252'   \/><label for='answer-id-1501252' id='answer-label-1501252' class=' answer'><span>Harmonizing shared obligations and privacy rights across varying legislation and\/or regulators.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385957[]' id='answer-id-1501253' class='answer   answerof-385957 ' value='1501253'   \/><label for='answer-id-1501253' id='answer-label-1501253' class=' answer'><span>Implementing a solution that significantly addresses shared obligations and privacy rights.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385957[]' id='answer-id-1501254' class='answer   answerof-385957 ' value='1501254'   \/><label for='answer-id-1501254' id='answer-label-1501254' class=' answer'><span>Applying the strictest standard for obligations and privacy rights that doesn't violate privacy laws elsewhere.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385957[]' id='answer-id-1501255' class='answer   answerof-385957 ' value='1501255'   \/><label for='answer-id-1501255' id='answer-label-1501255' class=' answer'><span>Addressing requirements that fall outside the common obligations and rights (outliers) on a case-by-case basis.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-385958'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>What is the name for the privacy strategy model that describes delegated decision making?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='385958' \/><input type='hidden' id='answerType385958' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385958[]' id='answer-id-1501256' class='answer   answerof-385958 ' value='1501256'   \/><label for='answer-id-1501256' id='answer-label-1501256' class=' answer'><span>De-centralized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385958[]' id='answer-id-1501257' class='answer   answerof-385958 ' value='1501257'   \/><label for='answer-id-1501257' id='answer-label-1501257' class=' answer'><span>De-functionalized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385958[]' id='answer-id-1501258' class='answer   answerof-385958 ' value='1501258'   \/><label for='answer-id-1501258' id='answer-label-1501258' class=' answer'><span>Hybrid.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385958[]' id='answer-id-1501259' class='answer   answerof-385958 ' value='1501259'   \/><label for='answer-id-1501259' id='answer-label-1501259' class=' answer'><span>Matrix.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-385959'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>Which of the following controls does the PCI DSS framework NOT require?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='385959' \/><input type='hidden' id='answerType385959' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385959[]' id='answer-id-1501260' class='answer   answerof-385959 ' value='1501260'   \/><label for='answer-id-1501260' id='answer-label-1501260' class=' answer'><span>Implement strong asset control protocols.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385959[]' id='answer-id-1501261' class='answer   answerof-385959 ' value='1501261'   \/><label for='answer-id-1501261' id='answer-label-1501261' class=' answer'><span>Implement strong access control measures.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385959[]' id='answer-id-1501262' class='answer   answerof-385959 ' value='1501262'   \/><label for='answer-id-1501262' id='answer-label-1501262' class=' answer'><span>Maintain an information security policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385959[]' id='answer-id-1501263' class='answer   answerof-385959 ' value='1501263'   \/><label for='answer-id-1501263' id='answer-label-1501263' class=' answer'><span>Maintain a vulnerability management program.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-385960'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>Which of the following privacy frameworks are legally binding?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='385960' \/><input type='hidden' id='answerType385960' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385960[]' id='answer-id-1501264' class='answer   answerof-385960 ' value='1501264'   \/><label for='answer-id-1501264' id='answer-label-1501264' class=' answer'><span>Binding Corporate Rules (BCRs).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385960[]' id='answer-id-1501265' class='answer   answerof-385960 ' value='1501265'   \/><label for='answer-id-1501265' id='answer-label-1501265' class=' answer'><span>Generally Accepted Privacy Principles (GAPP).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385960[]' id='answer-id-1501266' class='answer   answerof-385960 ' value='1501266'   \/><label for='answer-id-1501266' id='answer-label-1501266' class=' answer'><span>Asia-Pacific Economic Cooperation (APEC) Privacy Framework.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385960[]' id='answer-id-1501267' class='answer   answerof-385960 ' value='1501267'   \/><label for='answer-id-1501267' id='answer-label-1501267' class=' answer'><span>Organization for Economic Co-Operation and Development (OECD) Guidelines.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-385961'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>Which of the following is an example of Privacy by Design (PbD)?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='385961' \/><input type='hidden' id='answerType385961' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385961[]' id='answer-id-1501268' class='answer   answerof-385961 ' value='1501268'   \/><label for='answer-id-1501268' id='answer-label-1501268' class=' answer'><span>A company hires a professional to structure a privacy program that anticipates the increasing demands of new laws.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385961[]' id='answer-id-1501269' class='answer   answerof-385961 ' value='1501269'   \/><label for='answer-id-1501269' id='answer-label-1501269' class=' answer'><span>The human resources group develops a training program for employees to become certified in privacy policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385961[]' id='answer-id-1501270' class='answer   answerof-385961 ' value='1501270'   \/><label for='answer-id-1501270' id='answer-label-1501270' class=' answer'><span>A labor union insists that the details of employers' data protection methods be documented in a new contract.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385961[]' id='answer-id-1501271' class='answer   answerof-385961 ' value='1501271'   \/><label for='answer-id-1501271' id='answer-label-1501271' class=' answer'><span>The information technology group uses privacy considerations to inform the development of new networking software.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-385962'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>In regards to the collection of personal data conducted by an organization, what must the data subject be allowed to do?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='385962' \/><input type='hidden' id='answerType385962' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385962[]' id='answer-id-1501272' class='answer   answerof-385962 ' value='1501272'   \/><label for='answer-id-1501272' id='answer-label-1501272' class=' answer'><span>Evaluate the qualifications of a third-party processor before any data is transferred to that processor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385962[]' id='answer-id-1501273' class='answer   answerof-385962 ' value='1501273'   \/><label for='answer-id-1501273' id='answer-label-1501273' class=' answer'><span>Obtain a guarantee of prompt notification in instances involving unauthorized access of the data.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385962[]' id='answer-id-1501274' class='answer   answerof-385962 ' value='1501274'   \/><label for='answer-id-1501274' id='answer-label-1501274' class=' answer'><span>Set a time-limit as to how long the personal data may be stored by the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385962[]' id='answer-id-1501275' class='answer   answerof-385962 ' value='1501275'   \/><label for='answer-id-1501275' id='answer-label-1501275' class=' answer'><span>Challenge the authenticity of the personal data and have it corrected if needed.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-385963'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer an attractive option, with discounted laptops paid for as a payroll deduction spread over a year of paychecks. The organization is also paying the sales taxes. It's a great deal, and after a month, more than half the organization's employees have signed on and acquired new laptops. Walking through the facility, you see them happily customizing and comparing notes on their new computers, and at the end of the day, most take their laptops with them, potentially carrying personal data to their homes or other unknown locations. It's enough to give you data- protection nightmares, and you've pointed out to the information technology Director and many others in the organization the potential hazards of this new practice, including the inevitability of eventual data loss or theft. <br \/>\r<br>Today you have in your office a representative of the organization's marketing department who shares with you, reluctantly, a story with potentially serious consequences. The night before, straight from work, with laptop in hand, he went to the Bull and Horn Pub to play billiards with his friends. A fine night of sport and socializing began, with the laptop &quot;safely&quot; tucked on a bench, beneath his jacket. Later that night, when it was time to depart, he retrieved the jacket, but the laptop was gone. It was not beneath the bench or on another bench nearby. The waitstaff had not seen it. His friends were not playing a joke on him. After a sleepless night, he confirmed it this morning, stopping by the pub to talk to the cleanup crew. They had not found it. The laptop was missing. Stolen, it seems. He looks at you, embarrassed and upset. <br \/>\r<br>You ask him if the laptop contains any personal data from clients, and, sadly, he nods his head, yes. He believes it contains files on about 100 clients, including names, addresses and governmental identification numbers. He sighs and places his head in his hands in despair. <br \/>\r<br>Which is the best way to ensure that data on personal equipment is protected?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='385963' \/><input type='hidden' id='answerType385963' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385963[]' id='answer-id-1501276' class='answer   answerof-385963 ' value='1501276'   \/><label for='answer-id-1501276' id='answer-label-1501276' class=' answer'><span>User risk training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385963[]' id='answer-id-1501277' class='answer   answerof-385963 ' value='1501277'   \/><label for='answer-id-1501277' id='answer-label-1501277' class=' answer'><span>Biometric security.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385963[]' id='answer-id-1501278' class='answer   answerof-385963 ' value='1501278'   \/><label for='answer-id-1501278' id='answer-label-1501278' class=' answer'><span>Encryption of the data.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385963[]' id='answer-id-1501279' class='answer   answerof-385963 ' value='1501279'   \/><label for='answer-id-1501279' id='answer-label-1501279' class=' answer'><span>Frequent data backups.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-385964'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer an attractive option, with discounted laptops paid for as a payroll deduction spread over a year of paychecks. The organization is also paying the sales taxes. It's a great deal, and after a month, more than half the organization's employees have signed on and acquired new laptops. Walking through the facility, you see them happily customizing and comparing notes on their new computers, and at the end of the day, most take their laptops with them, potentially carrying personal data to their homes or other unknown locations. It's enough to give you data- protection nightmares, and you've pointed out to the information technology Director and many others in the organization the potential hazards of this new practice, including the inevitability of eventual data loss or theft. <br \/>\r<br>Today you have in your office a representative of the organization's marketing department who shares with you, reluctantly, a story with potentially serious consequences. The night before, straight from work, with laptop in hand, he went to the Bull and Horn Pub to play billiards with his friends. A fine night of sport and socializing began, with the laptop &quot;safely&quot; tucked on a bench, beneath his jacket. Later that night, when it was time to depart, he retrieved the jacket, but the laptop was gone. It was not beneath the bench or on another bench nearby. The waitstaff had not seen it. His friends were not playing a joke on him. After a sleepless night, he confirmed it this morning, stopping by the pub to talk to the cleanup crew. They had not found it. The laptop was missing. Stolen, it seems. He looks at you, embarrassed and upset. <br \/>\r<br>You ask him if the laptop contains any personal data from clients, and, sadly, he nods his head, yes. He believes it contains files on about 100 clients, including names, addresses and governmental identification numbers. He sighs and places his head in his hands in despair. <br \/>\r<br>From a business standpoint, what is the most productive way to view employee use of personal equipment for work-related tasks?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='385964' \/><input type='hidden' id='answerType385964' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385964[]' id='answer-id-1501280' class='answer   answerof-385964 ' value='1501280'   \/><label for='answer-id-1501280' id='answer-label-1501280' class=' answer'><span>The use of personal equipment is a cost-effective measure that leads to no greater security risks than are always present in a modern organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385964[]' id='answer-id-1501281' class='answer   answerof-385964 ' value='1501281'   \/><label for='answer-id-1501281' id='answer-label-1501281' class=' answer'><span>Any computer or other equipment is company property whenever it is used for company business.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385964[]' id='answer-id-1501282' class='answer   answerof-385964 ' value='1501282'   \/><label for='answer-id-1501282' id='answer-label-1501282' class=' answer'><span>While the company may not own the equipment, it is required to protect the business-related data on any equipment used by its employees.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385964[]' id='answer-id-1501283' class='answer   answerof-385964 ' value='1501283'   \/><label for='answer-id-1501283' id='answer-label-1501283' class=' answer'><span>The use of personal equipment must be reduced as it leads to inevitable security risks.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-385965'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer an attractive option, with discounted laptops paid for as a payroll deduction spread over a year of paychecks. The organization is also paying the sales taxes. It's a great deal, and after a month, more than half the organization's employees have signed on and acquired new laptops. Walking through the facility, you see them happily customizing and comparing notes on their new computers, and at the end of the day, most take their laptops with them, potentially carrying personal data to their homes or other unknown locations. It's enough to give you data- protection nightmares, and you've pointed out to the information technology Director and many others in the organization the potential hazards of this new practice, including the inevitability of eventual data loss or theft. <br \/>\r<br>Today you have in your office a representative of the organization's marketing department who shares with you, reluctantly, a story with potentially serious consequences. The night before, straight from work, with laptop in hand, he went to the Bull and Horn Pub to play billiards with his friends. A fine night of sport and socializing began, with the laptop &quot;safely&quot; tucked on a bench, beneath his jacket. Later that night, when it was time to depart, he retrieved the jacket, but the laptop was gone. It was not beneath the bench or on another bench nearby. The waitstaff had not seen it. His friends were not playing a joke on him. After a sleepless night, he confirmed it this morning, stopping by the pub to talk to the cleanup crew. They had not found it. The laptop was missing. Stolen, it seems. He looks at you, embarrassed and upset. <br \/>\r<br>You ask him if the laptop contains any personal data from clients, and, sadly, he nods his head, yes. He believes it contains files on about 100 clients, including names, addresses and governmental identification numbers. He sighs and places his head in his hands in despair. <br \/>\r<br>In order to determine the best course of action, how should this incident most productively be viewed?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='385965' \/><input type='hidden' id='answerType385965' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385965[]' id='answer-id-1501284' class='answer   answerof-385965 ' value='1501284'   \/><label for='answer-id-1501284' id='answer-label-1501284' class=' answer'><span>As the accidental loss of personal property containing data that must be restored.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385965[]' id='answer-id-1501285' class='answer   answerof-385965 ' value='1501285'   \/><label for='answer-id-1501285' id='answer-label-1501285' class=' answer'><span>As a potential compromise of personal information through unauthorized access.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385965[]' id='answer-id-1501286' class='answer   answerof-385965 ' value='1501286'   \/><label for='answer-id-1501286' id='answer-label-1501286' class=' answer'><span>As an incident that requires the abrupt initiation of a notification campaign.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385965[]' id='answer-id-1501287' class='answer   answerof-385965 ' value='1501287'   \/><label for='answer-id-1501287' id='answer-label-1501287' class=' answer'><span>As the premeditated theft of company data, until shown otherwise.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-385966'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer an attractive option, with discounted laptops paid for as a payroll deduction spread over a year of paychecks. The organization is also paying the sales taxes. It's a great deal, and after a month, more than half the organization's employees have signed on and acquired new laptops. Walking through the facility, you see them happily customizing and comparing notes on their new computers, and at the end of the day, most take their laptops with them, potentially carrying personal data to their homes or other unknown locations. It's enough to give you data- protection nightmares, and you've pointed out to the information technology Director and many others in the organization the potential hazards of this new practice, including the inevitability of eventual data loss or theft. <br \/>\r<br>Today you have in your office a representative of the organization's marketing department who shares with you, reluctantly, a story with potentially serious consequences. The night before, straight from work, with laptop in hand, he went to the Bull and Horn Pub to play billiards with his friends. A fine night of sport and socializing began, with the laptop &quot;safely&quot; tucked on a bench, beneath his jacket. Later that night, when it was time to depart, he retrieved the jacket, but the laptop was gone. It was not beneath the bench or on another bench nearby. The waitstaff had not seen it. His friends were not playing a joke on him. After a sleepless night, he confirmed it this morning, stopping by the pub to talk to the cleanup crew. They had not found it. The laptop was missing. Stolen, it seems. He looks at you, embarrassed and upset. <br \/>\r<br>You ask him if the laptop contains any personal data from clients, and, sadly, he nods his head, yes. He believes it contains files on about 100 clients, including names, addresses and governmental identification numbers. He sighs and places his head in his hands in despair. <br \/>\r<br>What should you do first to ascertain additional information about the loss of data?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='385966' \/><input type='hidden' id='answerType385966' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385966[]' id='answer-id-1501288' class='answer   answerof-385966 ' value='1501288'   \/><label for='answer-id-1501288' id='answer-label-1501288' class=' answer'><span>Interview the person reporting the incident following a standard protocol.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385966[]' id='answer-id-1501289' class='answer   answerof-385966 ' value='1501289'   \/><label for='answer-id-1501289' id='answer-label-1501289' class=' answer'><span>Call the police to investigate even if you are unsure a crime occurred.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385966[]' id='answer-id-1501290' class='answer   answerof-385966 ' value='1501290'   \/><label for='answer-id-1501290' id='answer-label-1501290' class=' answer'><span>Investigate the background of the person reporting the incident.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385966[]' id='answer-id-1501291' class='answer   answerof-385966 ' value='1501291'   \/><label for='answer-id-1501291' id='answer-label-1501291' class=' answer'><span>Check company records of the latest backups to see what data may be recoverable.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-385967'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>Which is NOT an influence on the privacy environment external to an organization?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='385967' \/><input type='hidden' id='answerType385967' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385967[]' id='answer-id-1501292' class='answer   answerof-385967 ' value='1501292'   \/><label for='answer-id-1501292' id='answer-label-1501292' class=' answer'><span>Management team priorities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385967[]' id='answer-id-1501293' class='answer   answerof-385967 ' value='1501293'   \/><label for='answer-id-1501293' id='answer-label-1501293' class=' answer'><span>Regulations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385967[]' id='answer-id-1501294' class='answer   answerof-385967 ' value='1501294'   \/><label for='answer-id-1501294' id='answer-label-1501294' class=' answer'><span>Consumer demand.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385967[]' id='answer-id-1501295' class='answer   answerof-385967 ' value='1501295'   \/><label for='answer-id-1501295' id='answer-label-1501295' class=' answer'><span>Technological advances.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-385968'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>How are individual program needs and specific organizational goals identified in privacy framework development?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='385968' \/><input type='hidden' id='answerType385968' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385968[]' id='answer-id-1501296' class='answer   answerof-385968 ' value='1501296'   \/><label for='answer-id-1501296' id='answer-label-1501296' class=' answer'><span>By employing metrics to align privacy protection with objectives.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385968[]' id='answer-id-1501297' class='answer   answerof-385968 ' value='1501297'   \/><label for='answer-id-1501297' id='answer-label-1501297' class=' answer'><span>Through conversations with the privacy team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385968[]' id='answer-id-1501298' class='answer   answerof-385968 ' value='1501298'   \/><label for='answer-id-1501298' id='answer-label-1501298' class=' answer'><span>By employing an industry-standard needs analysis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385968[]' id='answer-id-1501299' class='answer   answerof-385968 ' value='1501299'   \/><label for='answer-id-1501299' id='answer-label-1501299' class=' answer'><span>Through creation of the business case.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-385969'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Natalia, CFO of the Nationwide Grill restaurant chain, had never seen her fellow executives so anxious. Last week, a data processing firm used by the company reported that its system may have been hacked, and customer data such as names, addresses, and birthdays may have been compromised. Although the attempt was proven unsuccessful, the scare has prompted several Nationwide Grill executives to Question the company's privacy program at today's meeting. <br \/>\r<br>Alice, a vice president, said that the incident could have opened the door to lawsuits, potentially damaging <br \/>\r<br>Nationwide Grill's market position. The Chief Information Officer (CIO), Brendan, tried to assure her that even if there had been an actual breach, the chances of a successful suit against the company were slim. But Alice remained unconvinced. <br \/>\r<br>Spencer C a former CEO and currently a senior advisor C said that he had always warned against the use of contractors for data processing. At the very least, he argued, they should be held contractually liable for telling customers about any security incidents. In his view, Nationwide Grill should not be forced to soil the company name for a problem it did not cause. <br \/>\r<br>One of the business development (BD) executives, Haley, then spoke, imploring everyone to see reason. &quot;Breaches can happen, despite organizations' best efforts,&quot; she remarked. &quot;Reasonable preparedness is key.&quot; She reminded everyone of the incident seven years ago when the large grocery chain Tinkerton's had its financial information compromised after a large order of Nationwide Grill frozen dinners. As a long-time BD executive with a solid understanding of Tinkerton's's corporate culture, built up through many years of cultivating relationships, Haley was able to successfully manage the company's incident response. <br \/>\r<br>Spencer replied that acting with reason means allowing security to be handled by the security functions within the company C not BD staff. In a similar way, he said, Human Resources (HR) needs to do a better job training employees to prevent incidents. He pointed out that Nationwide Grill employees are overwhelmed with posters, emails, and memos from both HR and the ethics department related to the company's privacy program. Both the volume and the duplication of information means that it is often ignored altogether. <br \/>\r<br>Spencer said, &quot;The company needs to dedicate itself to its privacy program and set regular in-person trainings for all staff once a month.&quot; <br \/>\r<br>Alice responded that the suggestion, while well-meaning, is not practical. With many locations, local HR departments need to have flexibility with their training schedules. Silently, Natalia agreed. <br \/>\r<br>What is the most realistic step the organization can take to help diminish liability in the event of another incident?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='385969' \/><input type='hidden' id='answerType385969' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385969[]' id='answer-id-1501300' class='answer   answerof-385969 ' value='1501300'   \/><label for='answer-id-1501300' id='answer-label-1501300' class=' answer'><span>Requiring the vendor to perform periodic internal audits.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385969[]' id='answer-id-1501301' class='answer   answerof-385969 ' value='1501301'   \/><label for='answer-id-1501301' id='answer-label-1501301' class=' answer'><span>Specifying mandatory data protection practices in vendor contracts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385969[]' id='answer-id-1501302' class='answer   answerof-385969 ' value='1501302'   \/><label for='answer-id-1501302' id='answer-label-1501302' class=' answer'><span>Keeping the majority of processing activities within the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385969[]' id='answer-id-1501303' class='answer   answerof-385969 ' value='1501303'   \/><label for='answer-id-1501303' id='answer-label-1501303' class=' answer'><span>Obtaining customer consent for any third-party processing of personal data.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-385970'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Natalia, CFO of the Nationwide Grill restaurant chain, had never seen her fellow executives so anxious. Last week, a data processing firm used by the company reported that its system may have been hacked, and customer data such as names, addresses, and birthdays may have been compromised. Although the attempt was proven unsuccessful, the scare has prompted several Nationwide Grill executives to Question the company's privacy program at today's meeting. <br \/>\r<br>Alice, a vice president, said that the incident could have opened the door to lawsuits, potentially damaging Nationwide Grill's market position. The Chief Information Officer (CIO), Brendan, tried to assure her that even if there had been an actual breach, the chances of a successful suit against the company were slim. But Alice remained unconvinced. <br \/>\r<br>Spencer C a former CEO and currently a senior advisor C said that he had always warned against the use of contractors for data processing. At the very least, he argued, they should be held contractually liable for telling customers about any security incidents. In his view, Nationwide Grill should not be forced to soil the company name for a problem it did not cause. <br \/>\r<br>One of the business development (BD) executives, Haley, then spoke, imploring everyone to see reason. &quot;Breaches can happen, despite organizations' best efforts,&quot; she remarked. &quot;Reasonable preparedness is key.&quot; She reminded everyone of the incident seven years ago when the large grocery chain Tinkerton's had its financial information compromised after a large order of Nationwide Grill frozen dinners. As a long-time BD executive with a solid understanding of Tinkerton's's corporate culture, built up through many years of cultivating relationships, Haley was able to successfully manage the company's incident response. <br \/>\r<br>Spencer replied that acting with reason means allowing security to be handled by the security functions within the company C not BD staff. In a similar way, he said, Human Resources (HR) needs to do a better job training employees to prevent incidents. He pointed out that Nationwide Grill employees are overwhelmed with posters, emails, and memos from both HR and the ethics department related to the company's privacy program. Both the volume and the duplication of information means that it is often ignored altogether. <br \/>\r<br>Spencer said, &quot;The company needs to dedicate itself to its privacy program and set regular in-person trainings for all staff once a month.&quot; <br \/>\r<br>Alice responded that the suggestion, while well-meaning, is not practical. With many locations, local HR departments need to have flexibility with their training schedules. Silently, Natalia agreed. <br \/>\r<br>Based on the scenario, Nationwide Grill needs to create better employee awareness of the company's privacy program by doing what?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='385970' \/><input type='hidden' id='answerType385970' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385970[]' id='answer-id-1501304' class='answer   answerof-385970 ' value='1501304'   \/><label for='answer-id-1501304' id='answer-label-1501304' class=' answer'><span>Varying the modes of communication.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385970[]' id='answer-id-1501305' class='answer   answerof-385970 ' value='1501305'   \/><label for='answer-id-1501305' id='answer-label-1501305' class=' answer'><span>Communicating to the staff more often.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385970[]' id='answer-id-1501306' class='answer   answerof-385970 ' value='1501306'   \/><label for='answer-id-1501306' id='answer-label-1501306' class=' answer'><span>Improving inter-departmental cooperation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385970[]' id='answer-id-1501307' class='answer   answerof-385970 ' value='1501307'   \/><label for='answer-id-1501307' id='answer-label-1501307' class=' answer'><span>Requiring acknowledgment of company memos.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-385971'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Natalia, CFO of the Nationwide Grill restaurant chain, had never seen her fellow executives so anxious. Last week, a data processing firm used by the company reported that its system may have been hacked, and customer data such as names, addresses, and birthdays may have been compromised. Although the attempt was proven unsuccessful, the scare has prompted several Nationwide Grill executives to Question the company's privacy program at today's meeting. <br \/>\r<br>Alice, a vice president, said that the incident could have opened the door to lawsuits, potentially damaging Nationwide Grill's market position. The Chief Information Officer (CIO), Brendan, tried to assure her that even if there had been an actual breach, the chances of a successful suit against the company were slim. But Alice remained unconvinced. <br \/>\r<br>Spencer C a former CEO and currently a senior advisor C said that he had always warned against the use of contractors for data processing. At the very least, he argued, they should be held contractually liable for telling <br \/>\r<br>customers about any security incidents. In his view, Nationwide Grill should not be forced to soil the company name for a problem it did not cause. <br \/>\r<br>One of the business development (BD) executives, Haley, then spoke, imploring everyone to see reason. &quot;Breaches can happen, despite organizations' best efforts,&quot; she remarked. &quot;Reasonable preparedness is key.&quot; She reminded everyone of the incident seven years ago when the large grocery chain Tinkerton's had its financial information compromised after a large order of Nationwide Grill frozen dinners. As a long-time BD executive with a solid understanding of Tinkerton's's corporate culture, built up through many years of cultivating relationships, Haley was able to successfully manage the company's incident response. <br \/>\r<br>Spencer replied that acting with reason means allowing security to be handled by the security functions within the company C not BD staff. In a similar way, he said, Human Resources (HR) needs to do a better job training employees to prevent incidents. He pointed out that Nationwide Grill employees are overwhelmed with posters, emails, and memos from both HR and the ethics department related to the company's privacy program. Both the volume and the duplication of information means that it is often ignored altogether. <br \/>\r<br>Spencer said, &quot;The company needs to dedicate itself to its privacy program and set regular in-person trainings for all staff once a month.&quot; <br \/>\r<br>Alice responded that the suggestion, while well-meaning, is not practical. With many locations, local HR departments need to have flexibility with their training schedules. Silently, Natalia agreed. <br \/>\r<br>How could the objection to Spencer's training suggestion be addressed?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='385971' \/><input type='hidden' id='answerType385971' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385971[]' id='answer-id-1501308' class='answer   answerof-385971 ' value='1501308'   \/><label for='answer-id-1501308' id='answer-label-1501308' class=' answer'><span>By requiring training only on an as-needed basis.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385971[]' id='answer-id-1501309' class='answer   answerof-385971 ' value='1501309'   \/><label for='answer-id-1501309' id='answer-label-1501309' class=' answer'><span>By offering alternative delivery methods for trainings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385971[]' id='answer-id-1501310' class='answer   answerof-385971 ' value='1501310'   \/><label for='answer-id-1501310' id='answer-label-1501310' class=' answer'><span>By introducing a system of periodic refresher trainings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385971[]' id='answer-id-1501311' class='answer   answerof-385971 ' value='1501311'   \/><label for='answer-id-1501311' id='answer-label-1501311' class=' answer'><span>By customizing training based on length of employee tenure.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-385972'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Natalia, CFO of the Nationwide Grill restaurant chain, had never seen her fellow executives so anxious. Last week, a data processing firm used by the company reported that its system may have been hacked, and customer data such as names, addresses, and birthdays may have been compromised. Although the attempt was proven unsuccessful, the scare has prompted several Nationwide Grill executives to Question the company's privacy program at today's meeting. <br \/>\r<br>Alice, a vice president, said that the incident could have opened the door to lawsuits, potentially damaging Nationwide Grill's market position. The Chief Information Officer (CIO), Brendan, tried to assure her that even if there had been an actual breach, the chances of a successful suit against the company were slim. But Alice remained unconvinced. <br \/>\r<br>Spencer C a former CEO and currently a senior advisor C said that he had always warned against the use of contractors for data processing. At the very least, he argued, they should be held contractually liable for telling customers about any security incidents. In his view, Nationwide Grill should not be forced to soil the company name for a problem it did not cause. <br \/>\r<br>One of the business development (BD) executives, Haley, then spoke, imploring everyone to see reason. <br \/>\r<br>&quot;Breaches can happen, despite organizations' best efforts,&quot; she remarked. &quot;Reasonable preparedness is key.&quot; She reminded everyone of the incident seven years ago when the large grocery chain Tinkerton's had its financial information compromised after a large order of Nationwide Grill frozen dinners. As a long-time BD executive with a solid understanding of Tinkerton's's corporate culture, built up through many years of cultivating relationships, Haley was able to successfully manage the company's incident response. <br \/>\r<br>Spencer replied that acting with reason means allowing security to be handled by the security functions within the company C not BD staff. In a similar way, he said, Human Resources (HR) needs to do a better job training employees to prevent incidents. He pointed out that Nationwide Grill employees are overwhelmed with posters, emails, and memos from both HR and the ethics department related to the company's privacy program. Both the volume and the duplication of information means that it is often ignored altogether. <br \/>\r<br>Spencer said, &quot;The company needs to dedicate itself to its privacy program and set regular in-person trainings for all staff once a month.&quot; <br \/>\r<br>Alice responded that the suggestion, while well-meaning, is not practical. With many locations, local HR departments need to have flexibility with their training schedules. Silently, Natalia agreed. <br \/>\r<br>The senior advisor, Spencer, has a misconception regarding?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='385972' \/><input type='hidden' id='answerType385972' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385972[]' id='answer-id-1501312' class='answer   answerof-385972 ' value='1501312'   \/><label for='answer-id-1501312' id='answer-label-1501312' class=' answer'><span>The amount of responsibility that a data controller retains.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385972[]' id='answer-id-1501313' class='answer   answerof-385972 ' value='1501313'   \/><label for='answer-id-1501313' id='answer-label-1501313' class=' answer'><span>The appropriate role of an organization's security department.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385972[]' id='answer-id-1501314' class='answer   answerof-385972 ' value='1501314'   \/><label for='answer-id-1501314' id='answer-label-1501314' class=' answer'><span>The degree to which training can lessen the number of security incidents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385972[]' id='answer-id-1501315' class='answer   answerof-385972 ' value='1501315'   \/><label for='answer-id-1501315' id='answer-label-1501315' class=' answer'><span>The role of Human Resources employees in an organization's privacy program.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-385973'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>Formosa International operates in 20 different countries including the United States and France. <br \/>\r<br>What organizational approach would make complying with a number of different regulations easier?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='385973' \/><input type='hidden' id='answerType385973' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385973[]' id='answer-id-1501316' class='answer   answerof-385973 ' value='1501316'   \/><label for='answer-id-1501316' id='answer-label-1501316' class=' answer'><span>Data mapping.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385973[]' id='answer-id-1501317' class='answer   answerof-385973 ' value='1501317'   \/><label for='answer-id-1501317' id='answer-label-1501317' class=' answer'><span>Fair Information Practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385973[]' id='answer-id-1501318' class='answer   answerof-385973 ' value='1501318'   \/><label for='answer-id-1501318' id='answer-label-1501318' class=' answer'><span>Rationalizing requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385973[]' id='answer-id-1501319' class='answer   answerof-385973 ' value='1501319'   \/><label for='answer-id-1501319' id='answer-label-1501319' class=' answer'><span>Decentralized privacy management.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-385974'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>When implementing Privacy by Design (PbD), what would NOT be a key consideration?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='385974' \/><input type='hidden' id='answerType385974' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385974[]' id='answer-id-1501320' class='answer   answerof-385974 ' value='1501320'   \/><label for='answer-id-1501320' id='answer-label-1501320' class=' answer'><span>Collection limitation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385974[]' id='answer-id-1501321' class='answer   answerof-385974 ' value='1501321'   \/><label for='answer-id-1501321' id='answer-label-1501321' class=' answer'><span>Data minimization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385974[]' id='answer-id-1501322' class='answer   answerof-385974 ' value='1501322'   \/><label for='answer-id-1501322' id='answer-label-1501322' class=' answer'><span>Limitations on liability.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385974[]' id='answer-id-1501323' class='answer   answerof-385974 ' value='1501323'   \/><label for='answer-id-1501323' id='answer-label-1501323' class=' answer'><span>Purpose specification.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-385975'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>For an organization that has just experienced a data breach, what might be the least relevant metric for a company's privacy and governance team?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='385975' \/><input type='hidden' id='answerType385975' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385975[]' id='answer-id-1501324' class='answer   answerof-385975 ' value='1501324'   \/><label for='answer-id-1501324' id='answer-label-1501324' class=' answer'><span>The number of security patches applied to company devices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385975[]' id='answer-id-1501325' class='answer   answerof-385975 ' value='1501325'   \/><label for='answer-id-1501325' id='answer-label-1501325' class=' answer'><span>The number of privacy rights requests that have been exercised.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385975[]' id='answer-id-1501326' class='answer   answerof-385975 ' value='1501326'   \/><label for='answer-id-1501326' id='answer-label-1501326' class=' answer'><span>The number of Privacy Impact Assessments that have been completed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385975[]' id='answer-id-1501327' class='answer   answerof-385975 ' value='1501327'   \/><label for='answer-id-1501327' id='answer-label-1501327' class=' answer'><span>The number of employees who have completed data awareness training.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-385976'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>In which situation would a Privacy Impact Assessment (PIA) be the least likely to be required?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='385976' \/><input type='hidden' id='answerType385976' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385976[]' id='answer-id-1501328' class='answer   answerof-385976 ' value='1501328'   \/><label for='answer-id-1501328' id='answer-label-1501328' class=' answer'><span>If a company created a credit-scoring platform five years ago.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385976[]' id='answer-id-1501329' class='answer   answerof-385976 ' value='1501329'   \/><label for='answer-id-1501329' id='answer-label-1501329' class=' answer'><span>If a health-care professional or lawyer processed personal data from a patient's file.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385976[]' id='answer-id-1501330' class='answer   answerof-385976 ' value='1501330'   \/><label for='answer-id-1501330' id='answer-label-1501330' class=' answer'><span>If a social media company created a new product compiling personal data to generate user profiles.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385976[]' id='answer-id-1501331' class='answer   answerof-385976 ' value='1501331'   \/><label for='answer-id-1501331' id='answer-label-1501331' class=' answer'><span>If an after-school club processed children's data to determine which children might have food allergies.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-385977'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>Under the General Data Protection Regulation (GDPR), what must be included in a written agreement between the controller and processor in relation to processing conducted on the controller's behalf?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='385977' \/><input type='hidden' id='answerType385977' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385977[]' id='answer-id-1501332' class='answer   answerof-385977 ' value='1501332'   \/><label for='answer-id-1501332' id='answer-label-1501332' class=' answer'><span>An obligation on the processor to report any personal data breach to the controller within 72 hours.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385977[]' id='answer-id-1501333' class='answer   answerof-385977 ' value='1501333'   \/><label for='answer-id-1501333' id='answer-label-1501333' class=' answer'><span>An obligation on both parties to report any serious personal data breach to the supervisory authority.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385977[]' id='answer-id-1501334' class='answer   answerof-385977 ' value='1501334'   \/><label for='answer-id-1501334' id='answer-label-1501334' class=' answer'><span>An obligation on both parties to agree to a termination of the agreement if the other party is responsible for a personal data breach.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385977[]' id='answer-id-1501335' class='answer   answerof-385977 ' value='1501335'   \/><label for='answer-id-1501335' id='answer-label-1501335' class=' answer'><span>An obligation on the processor to assist the controller in complying with the controller's obligations to notify the supervisory authority about personal data breaches.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-385978'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Perhaps Jack Kelly should have stayed in the U.S. He enjoys a formidable reputation inside the company, Special Handling Shipping, for his work in reforming certain &quot;rogue&quot; offices. Last year, news broke that a police sting operation had revealed a drug ring operating in the Providence, Rhode Island office in the United States. Video from the office's video surveillance cameras leaked to news operations showed a drug exchange between Special Handling staff and undercover officers. <br \/>\r<br>In the wake of this incident, Kelly had been sent to Providence to change the &quot;hands off&quot; culture that upper management believed had let the criminal elements conduct their illicit transactions. After a few weeks under Kelly's direction, the office became a model of efficiency and customer service. Kelly monitored his workers' activities using the same cameras that had recorded the illegal conduct of their former co-workers. <br \/>\r<br>Now Kelly has been charged with turning around the office in Cork, Ireland, another trouble spot. The company has received numerous reports of the staff leaving the office unattended. When Kelly arrived, he found that even when present, the staff often spent their days socializing or conducting personal business on their mobile phones. Again, he observed their behaviors using surveillance cameras. He issued written reprimands to six staff members based on the first day of video alone. <br \/>\r<br>Much to Kelly's surprise and chagrin, he and the company are now under investigation by the Data Protection Commissioner of Ireland for allegedly violating the privacy rights of employees. Kelly was told that the company's license for the cameras listed facility security as their main use, but he does not know why this matters. He has pointed out to his superiors that the company's training programs on privacy protection and data collection mention nothing about surveillance video. <br \/>\r<br>You are a privacy protection consultant, hired by the company to assess this incident, report on the legal and compliance issues, and recommend next steps. <br \/>\r<br>What does this example best illustrate about training requirements for privacy protection?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='385978' \/><input type='hidden' id='answerType385978' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385978[]' id='answer-id-1501336' class='answer   answerof-385978 ' value='1501336'   \/><label for='answer-id-1501336' id='answer-label-1501336' class=' answer'><span>Training needs must be weighed against financial costs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385978[]' id='answer-id-1501337' class='answer   answerof-385978 ' value='1501337'   \/><label for='answer-id-1501337' id='answer-label-1501337' class=' answer'><span>Training on local laws must be implemented for all personnel.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385978[]' id='answer-id-1501338' class='answer   answerof-385978 ' value='1501338'   \/><label for='answer-id-1501338' id='answer-label-1501338' class=' answer'><span>Training must be repeated frequently to respond to new legislation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385978[]' id='answer-id-1501339' class='answer   answerof-385978 ' value='1501339'   \/><label for='answer-id-1501339' id='answer-label-1501339' class=' answer'><span>Training must include assessments to verify that the material is mastered.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-385979'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Perhaps Jack Kelly should have stayed in the U.S. He enjoys a formidable reputation inside the company, Special Handling Shipping, for his work in reforming certain &quot;rogue&quot; offices. Last year, news broke that a police sting operation had revealed a drug ring operating in the Providence, Rhode Island office in the United States. Video from the office's video surveillance cameras leaked to news operations showed a drug exchange between Special Handling staff and undercover officers. <br \/>\r<br>In the wake of this incident, Kelly had been sent to Providence to change the &quot;hands off&quot; culture that upper management believed had let the criminal elements conduct their illicit transactions. After a few weeks under Kelly's direction, the office became a model of efficiency and customer service. Kelly monitored his workers' activities using the same cameras that had recorded the illegal conduct of their former co-workers. <br \/>\r<br>Now Kelly has been charged with turning around the office in Cork, Ireland, another trouble spot. The company has received numerous reports of the staff leaving the office unattended. When Kelly arrived, he found that even when present, the staff often spent their days socializing or conducting personal business on their mobile phones. Again, he observed their behaviors using surveillance cameras. He issued written reprimands to six staff members based on the first day of video alone. <br \/>\r<br>Much to Kelly's surprise and chagrin, he and the company are now under investigation by the Data Protection Commissioner of Ireland for allegedly violating the privacy rights of employees. Kelly was told that the company's license for the cameras listed facility security as their main use, but he does not know why this matters. He has pointed out to his superiors that the company's training programs on privacy protection and data collection mention nothing about surveillance video. <br \/>\r<br>You are a privacy protection consultant, hired by the company to assess this incident, report on the legal and compliance issues, and recommend next steps. <br \/>\r<br>Knowing that the regulator is now investigating, what would be the best step to take?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='385979' \/><input type='hidden' id='answerType385979' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385979[]' id='answer-id-1501340' class='answer   answerof-385979 ' value='1501340'   \/><label for='answer-id-1501340' id='answer-label-1501340' class=' answer'><span>Consult an attorney experienced in privacy law and litigation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385979[]' id='answer-id-1501341' class='answer   answerof-385979 ' value='1501341'   \/><label for='answer-id-1501341' id='answer-label-1501341' class=' answer'><span>Use your background and knowledge to set a course of action.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385979[]' id='answer-id-1501342' class='answer   answerof-385979 ' value='1501342'   \/><label for='answer-id-1501342' id='answer-label-1501342' class=' answer'><span>If you know the organization is guilty, advise it to accept the punishment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385979[]' id='answer-id-1501343' class='answer   answerof-385979 ' value='1501343'   \/><label for='answer-id-1501343' id='answer-label-1501343' class=' answer'><span>Negotiate the terms of a settlement before formal legal action takes place.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-385980'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Perhaps Jack Kelly should have stayed in the U.S. He enjoys a formidable reputation inside the company, Special Handling Shipping, for his work in reforming certain &quot;rogue&quot; offices. Last year, news broke that a police sting operation had revealed a drug ring operating in the Providence, Rhode Island office in the United States. Video from the office's video surveillance cameras leaked to news operations showed a drug exchange between Special Handling staff and undercover officers. <br \/>\r<br>In the wake of this incident, Kelly had been sent to Providence to change the &quot;hands off&quot; culture that upper management believed had let the criminal elements conduct their illicit transactions. After a few weeks under Kelly's direction, the office became a model of efficiency and customer service. Kelly monitored his workers' activities using the same cameras that had recorded the illegal conduct of their former co-workers. <br \/>\r<br>Now Kelly has been charged with turning around the office in Cork, Ireland, another trouble spot. The company has received numerous reports of the staff leaving the office unattended. When Kelly arrived, he found that even when present, the staff often spent their days socializing or conducting personal business on their mobile phones. Again, he observed their behaviors using surveillance cameras. He issued written reprimands to six staff members based on the first day of video alone. <br \/>\r<br>Much to Kelly's surprise and chagrin, he and the company are now under investigation by the Data Protection Commissioner of Ireland for allegedly violating the privacy rights of employees. Kelly was told that the company's license for the cameras listed facility security as their main use, but he does not know why this matters. He has pointed out to his superiors that the company's training programs on privacy protection and data collection mention nothing about surveillance video. <br \/>\r<br>You are a privacy protection consultant, hired by the company to assess this incident, report on the <br \/>\r<br>legal and compliance issues, and recommend next steps. <br \/>\r<br>What should you advise this company regarding the status of security cameras at their offices in the United States?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='385980' \/><input type='hidden' id='answerType385980' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385980[]' id='answer-id-1501344' class='answer   answerof-385980 ' value='1501344'   \/><label for='answer-id-1501344' id='answer-label-1501344' class=' answer'><span>Add security cameras at facilities that are now without them.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385980[]' id='answer-id-1501345' class='answer   answerof-385980 ' value='1501345'   \/><label for='answer-id-1501345' id='answer-label-1501345' class=' answer'><span>Set policies about the purpose and use of the security cameras.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385980[]' id='answer-id-1501346' class='answer   answerof-385980 ' value='1501346'   \/><label for='answer-id-1501346' id='answer-label-1501346' class=' answer'><span>Reduce the number of security cameras located inside the building.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385980[]' id='answer-id-1501347' class='answer   answerof-385980 ' value='1501347'   \/><label for='answer-id-1501347' id='answer-label-1501347' class=' answer'><span>Restrict access to surveillance video taken by the security cameras and destroy the recordings after a designated period of time.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-385981'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>You would like your organization to be independently audited to demonstrate compliance with international privacy standards and to identify gaps for remediation. <br \/>\r<br>Which type of audit would help you achieve this objective?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='385981' \/><input type='hidden' id='answerType385981' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385981[]' id='answer-id-1501348' class='answer   answerof-385981 ' value='1501348'   \/><label for='answer-id-1501348' id='answer-label-1501348' class=' answer'><span>First-party audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385981[]' id='answer-id-1501349' class='answer   answerof-385981 ' value='1501349'   \/><label for='answer-id-1501349' id='answer-label-1501349' class=' answer'><span>Second-party audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385981[]' id='answer-id-1501350' class='answer   answerof-385981 ' value='1501350'   \/><label for='answer-id-1501350' id='answer-label-1501350' class=' answer'><span>Third-party audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385981[]' id='answer-id-1501351' class='answer   answerof-385981 ' value='1501351'   \/><label for='answer-id-1501351' id='answer-label-1501351' class=' answer'><span>Fourth-party audit.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-385982'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>An organization's business continuity plan or disaster recovery plan does NOT typically include what?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='385982' \/><input type='hidden' id='answerType385982' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385982[]' id='answer-id-1501352' class='answer   answerof-385982 ' value='1501352'   \/><label for='answer-id-1501352' id='answer-label-1501352' class=' answer'><span>Recovery time objectives.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385982[]' id='answer-id-1501353' class='answer   answerof-385982 ' value='1501353'   \/><label for='answer-id-1501353' id='answer-label-1501353' class=' answer'><span>Emergency response guidelines.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385982[]' id='answer-id-1501354' class='answer   answerof-385982 ' value='1501354'   \/><label for='answer-id-1501354' id='answer-label-1501354' class=' answer'><span>Statement of organizational responsibilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385982[]' id='answer-id-1501355' class='answer   answerof-385982 ' value='1501355'   \/><label for='answer-id-1501355' id='answer-label-1501355' class=' answer'><span>Retention schedule for storage and destruction of information.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-385983'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand event. It fills one of the large downtown conference hotels and overflows into the others, with several thousand attendees enjoying three days of presentations, panel discussions and networking. The convention is the centerpiece of the company's product rollout schedule and a great training opportunity for current users. The sales force also encourages prospective clients to attend to get a better sense of the ways in which the system can be customized to meet diverse needs and understand that when they buy into this system, they are joining a community that feels like family. <br \/>\r<br>This year's conference is only three weeks away, and you have just heard news of a new initiative supporting it: a smartphone app for attendees. The app will support late registration, highlight the featured presentations and provide a mobile version of the conference program. It also links to a restaurant reservation system with the best cuisine in the areas featured. &quot;It's going to be great,&quot; the developer, Deidre Hoffman, tells you, &quot;if, that is, we actually get it working!&quot; She laughs nervously but explains that because of the tight time frame she'd been given to build the app, she outsourced the job to a local firm. &quot;It's just three young people,&quot; she says, &quot;but they do great work.&quot; She describes some of the other apps they have built. When asked how they were selected for this job, Deidre shrugs. &quot;They do good work, so I chose them.&quot; <br \/>\r<br>Deidre is a terrific employee with a strong track record. That's why she's been charged to deliver this rushed project. You're sure she has the best interests of the company at heart, and you don't doubt <br \/>\r<br>that she's under pressure to meet a deadline that cannot be pushed back. However, you have concerns about the app's handling of personal data and its security safeguards. Over lunch in the break room, you start to talk to her about it, but she quickly tries to reassure you, &quot;I'm sure with your help we can fix any security issues if we have to, but I doubt there'll be any. These people build apps for a living, and they know what they're doing. You worry too much, but that's why you're so good at your job!&quot; <br \/>\r<br>Since it is too late to restructure the contract with the vendor or prevent the app from being deployed, what is the best step for you to take next?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='385983' \/><input type='hidden' id='answerType385983' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385983[]' id='answer-id-1501356' class='answer   answerof-385983 ' value='1501356'   \/><label for='answer-id-1501356' id='answer-label-1501356' class=' answer'><span>Implement a more comprehensive suite of information security controls than the one used by the vendor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385983[]' id='answer-id-1501357' class='answer   answerof-385983 ' value='1501357'   \/><label for='answer-id-1501357' id='answer-label-1501357' class=' answer'><span>Ask the vendor for verifiable information about their privacy protections so weaknesses can be identified.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385983[]' id='answer-id-1501358' class='answer   answerof-385983 ' value='1501358'   \/><label for='answer-id-1501358' id='answer-label-1501358' class=' answer'><span>Develop security protocols for the vendor and mandate that they be deployed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385983[]' id='answer-id-1501359' class='answer   answerof-385983 ' value='1501359'   \/><label for='answer-id-1501359' id='answer-label-1501359' class=' answer'><span>Insist on an audit of the vendor's privacy procedures and safeguards.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-385984'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand event. It fills one of the large downtown conference hotels and overflows into the others, with several thousand attendees enjoying three days of presentations, panel discussions and networking. The convention is the centerpiece of the company's product rollout schedule and a great training opportunity for current users. The sales force also encourages prospective clients to attend to get a better sense of the ways in which the system can be customized to meet diverse needs and understand that when they buy into this system, they are joining a community that feels like family. <br \/>\r<br>This year's conference is only three weeks away, and you have just heard news of a new initiative supporting it: a smartphone app for attendees. The app will support late registration, highlight the featured presentations and provide a mobile version of the conference program. It also links to a <br \/>\r<br>restaurant reservation system with the best cuisine in the areas featured. &quot;It's going to be great,&quot; the developer, Deidre Hoffman, tells you, &quot;if, that is, we actually get it working!&quot; She laughs nervously but explains that because of the tight time frame she'd been given to build the app, she outsourced the job to a local firm. &quot;It's just three young people,&quot; she says, &quot;but they do great work.&quot; She describes some of the other apps they have built. When asked how they were selected for this job, Deidre shrugs. &quot;They do good work, so I chose them.&quot; <br \/>\r<br>Deidre is a terrific employee with a strong track record. That's why she's been charged to deliver this rushed project. You're sure she has the best interests of the company at heart, and you don't doubt that she's under pressure to meet a deadline that cannot be pushed back. However, you have concerns about the app's handling of personal data and its security safeguards. Over lunch in the break room, you start to talk to her about it, but she quickly tries to reassure you, &quot;I'm sure with your help we can fix any security issues if we have to, but I doubt there'll be any. These people build apps for a living, and they know what they're doing. You worry too much, but that's why you're so good at your job!&quot; <br \/>\r<br>Which is the best first step in understanding the data security practices of a potential vendor?<\/div><input type='hidden' name='question_id[]' id='qID_33' value='385984' \/><input type='hidden' id='answerType385984' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385984[]' id='answer-id-1501360' class='answer   answerof-385984 ' value='1501360'   \/><label for='answer-id-1501360' id='answer-label-1501360' class=' answer'><span>Requiring the vendor to complete a questionnaire assessing International Organization for Standardization (ISO) 27001 compliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385984[]' id='answer-id-1501361' class='answer   answerof-385984 ' value='1501361'   \/><label for='answer-id-1501361' id='answer-label-1501361' class=' answer'><span>Conducting a physical audit of the vendor's facilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385984[]' id='answer-id-1501362' class='answer   answerof-385984 ' value='1501362'   \/><label for='answer-id-1501362' id='answer-label-1501362' class=' answer'><span>Conducting a penetration test of the vendor's data security structure.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385984[]' id='answer-id-1501363' class='answer   answerof-385984 ' value='1501363'   \/><label for='answer-id-1501363' id='answer-label-1501363' class=' answer'><span>Examining investigation records of any breaches the vendor has experienced.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-385985'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand event. It fills one of the large downtown conference hotels and overflows into the others, with several thousand attendees enjoying three days of presentations, panel discussions and networking. The convention is the centerpiece of the company's product rollout schedule and a great training opportunity for current users. The sales force also encourages prospective clients to attend to get a better sense of the ways in which the system can be customized to meet diverse needs and understand that when they buy into this system, they are joining a community that feels like family. <br \/>\r<br>This year's conference is only three weeks away, and you have just heard news of a new initiative supporting it: a smartphone app for attendees. The app will support late registration, highlight the featured presentations and provide a mobile version of the conference program. It also links to a restaurant reservation system with the best cuisine in the areas featured. &quot;It's going to be great,&quot; the developer, Deidre Hoffman, tells you, &quot;if, that is, we actually get it working!&quot; She laughs nervously but explains that because of the tight time frame she'd been given to build the app, she outsourced the job to a local firm. &quot;It's just three young people,&quot; she says, &quot;but they do great work.&quot; She describes some of the other apps they have built. When asked how they were selected for this job, Deidre shrugs. &quot;They do good work, so I chose them.&quot; <br \/>\r<br>Deidre is a terrific employee with a strong track record. That's why she's been charged to deliver this rushed project. You're sure she has the best interests of the company at heart, and you don't doubt that she's under pressure to meet a deadline that cannot be pushed back. However, you have concerns about the app's handling of personal data and its security safeguards. Over lunch in the break room, you start to talk to her about it, but she quickly tries to reassure you, &quot;I'm sure with your help we can fix any security issues if we have to, but I doubt there'll be any. These people build apps for a living, and they know what they're doing. You worry too much, but that's why you're so good at your job!&quot; <br \/>\r<br>What safeguard can most efficiently ensure that privacy protection is a dimension of relationships with vendors?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='385985' \/><input type='hidden' id='answerType385985' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385985[]' id='answer-id-1501364' class='answer   answerof-385985 ' value='1501364'   \/><label for='answer-id-1501364' id='answer-label-1501364' class=' answer'><span>Include appropriate language about privacy protection in vendor contracts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385985[]' id='answer-id-1501365' class='answer   answerof-385985 ' value='1501365'   \/><label for='answer-id-1501365' id='answer-label-1501365' class=' answer'><span>Perform a privacy audit on any vendor under consideration.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385985[]' id='answer-id-1501366' class='answer   answerof-385985 ' value='1501366'   \/><label for='answer-id-1501366' id='answer-label-1501366' class=' answer'><span>Require that a person trained in privacy protection be part of all vendor selection teams.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385985[]' id='answer-id-1501367' class='answer   answerof-385985 ' value='1501367'   \/><label for='answer-id-1501367' id='answer-label-1501367' class=' answer'><span>Do business only with vendors who are members of privacy trade associations.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-385986'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand event. It fills one of the large downtown conference hotels and overflows into the others, with several thousand attendees enjoying three days of presentations, panel discussions and networking. The convention is the centerpiece of the company's product rollout schedule and a great training opportunity for current users. The sales force also encourages prospective clients to attend to get a better sense of the ways in which the system can be customized to meet diverse needs and understand that when they buy into this system, they are joining a community that feels like family. <br \/>\r<br>This year's conference is only three weeks away, and you have just heard news of a new initiative supporting it: a smartphone app for attendees. The app will support late registration, highlight the featured presentations and provide a mobile version of the conference program. It also links to a restaurant reservation system with the best cuisine in the areas featured. &quot;It's going to be great,&quot; the developer, Deidre Hoffman, tells you, &quot;if, that is, we actually get it working!&quot; She laughs nervously but explains that because of the tight time frame she'd been given to build the app, she outsourced the job to a local firm. &quot;It's just three young people,&quot; she says, &quot;but they do great work.&quot; She describes some of the other apps they have built. When asked how they were selected for this job, Deidre shrugs. &quot;They do good work, so I chose them.&quot; <br \/>\r<br>Deidre is a terrific employee with a strong track record. That's why she's been charged to deliver this rushed project. You're sure she has the best interests of the company at heart, and you don't doubt that she's under pressure to meet a deadline that cannot be pushed back. However, you have concerns about the app's handling of personal data and its security safeguards. Over lunch in the break room, you start to talk to her about it, but she quickly tries to reassure you, &quot;I'm sure with your help we can fix any security issues if we have to, but I doubt there'll be any. These people build apps for a living, and they know what they're doing. You worry too much, but that's why you're so good at your job!&quot; <br \/>\r<br>You want to point out that normal protocols have NOT been followed in this matter. <br \/>\r<br>Which process in particular has been neglected?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='385986' \/><input type='hidden' id='answerType385986' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385986[]' id='answer-id-1501368' class='answer   answerof-385986 ' value='1501368'   \/><label for='answer-id-1501368' id='answer-label-1501368' class=' answer'><span>Forensic inquiry.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385986[]' id='answer-id-1501369' class='answer   answerof-385986 ' value='1501369'   \/><label for='answer-id-1501369' id='answer-label-1501369' class=' answer'><span>Data mapping.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385986[]' id='answer-id-1501370' class='answer   answerof-385986 ' value='1501370'   \/><label for='answer-id-1501370' id='answer-label-1501370' class=' answer'><span>Privacy breach prevention.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385986[]' id='answer-id-1501371' class='answer   answerof-385986 ' value='1501371'   \/><label for='answer-id-1501371' id='answer-label-1501371' class=' answer'><span>Vendor due diligence vetting.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-385987'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>SCENARIO <br \/>\r<br>Please use the following to answer the next QUESTION: <br \/>\r<br>Edufox has hosted an annual convention of users of its famous e-learning software platform, and over time, it has become a grand event. It fills one of the large downtown conference hotels and overflows into the others, with several thousand attendees enjoying three days of presentations, panel discussions and networking. The convention is the centerpiece of the company's product rollout schedule and a great training opportunity for current users. The sales force also encourages prospective clients to attend to get a better sense of the ways in which the system can be customized to meet diverse needs and understand that when they buy into this system, they are joining a community that feels like family. <br \/>\r<br>This year's conference is only three weeks away, and you have just heard news of a new initiative supporting it: a smartphone app for attendees. The app will support late registration, highlight the featured presentations and provide a mobile version of the conference program. It also links to a restaurant reservation system with the best cuisine in the areas featured. &quot;It's going to be great,&quot; the developer, Deidre Hoffman, tells you, &quot;if, that is, we actually get it working!&quot; She laughs nervously but explains that because of the tight time frame she'd been given to build the app, she outsourced the job to a local firm. &quot;It's just three young people,&quot; she says, &quot;but they do great work.&quot; She describes some of the other apps they have built. When asked how they were selected for this job, Deidre shrugs. &quot;They do good work, so I chose them.&quot; <br \/>\r<br>Deidre is a terrific employee with a strong track record. That's why she's been charged to deliver this rushed project. You're sure she has the best interests of the company at heart, and you don't doubt that she's under pressure to meet a deadline that cannot be pushed back. However, you have concerns about the app's handling of personal data and its security safeguards. Over lunch in the break room, you start to talk to her about it, but she quickly tries to reassure you, &quot;I'm sure with your help we can fix any security issues if we have to, but I doubt there'll be any. These people build apps for a living, and they know what they're doing. You worry too much, but that's why you're so good at your job!&quot; <br \/>\r<br>You see evidence that company employees routinely circumvent the privacy officer in developing new initiatives. <br \/>\r<br>How can you best draw attention to the scope of this problem?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='385987' \/><input type='hidden' id='answerType385987' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385987[]' id='answer-id-1501372' class='answer   answerof-385987 ' value='1501372'   \/><label for='answer-id-1501372' id='answer-label-1501372' class=' answer'><span>Insist upon one-on-one consultation with each person who works around the privacy officer.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385987[]' id='answer-id-1501373' class='answer   answerof-385987 ' value='1501373'   \/><label for='answer-id-1501373' id='answer-label-1501373' class=' answer'><span>Develop a metric showing the number of initiatives launched without consultation and include it in reports, presentations, and consultation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385987[]' id='answer-id-1501374' class='answer   answerof-385987 ' value='1501374'   \/><label for='answer-id-1501374' id='answer-label-1501374' class=' answer'><span>Hold discussions with the department head of anyone who fails to consult with the privacy officer.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385987[]' id='answer-id-1501375' class='answer   answerof-385987 ' value='1501375'   \/><label for='answer-id-1501375' id='answer-label-1501375' class=' answer'><span>Take your concerns straight to the Chief Executive Officer.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-385988'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>What is one obligation that the General Data Protection Regulation (GDPR) imposes on data processors?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='385988' \/><input type='hidden' id='answerType385988' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385988[]' id='answer-id-1501376' class='answer   answerof-385988 ' value='1501376'   \/><label for='answer-id-1501376' id='answer-label-1501376' class=' answer'><span>To honor all data access requests from data subjects.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385988[]' id='answer-id-1501377' class='answer   answerof-385988 ' value='1501377'   \/><label for='answer-id-1501377' id='answer-label-1501377' class=' answer'><span>To inform data subjects about the identity and contact details of the controller.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385988[]' id='answer-id-1501378' class='answer   answerof-385988 ' value='1501378'   \/><label for='answer-id-1501378' id='answer-label-1501378' class=' answer'><span>To implement appropriate technical and organizational measures that ensure an appropriate level of security.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385988[]' id='answer-id-1501379' class='answer   answerof-385988 ' value='1501379'   \/><label for='answer-id-1501379' id='answer-label-1501379' class=' answer'><span>To carry out data protection impact assessments in cases where processing is likely to result in high risk to the rights and freedoms of individuals.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-385989'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>An executive for a multinational online retail company in the United States is looking for guidance in developing her company's privacy program beyond what is specifically required by law. <br \/>\r<br>What would be the most effective resource for the executive to consult?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='385989' \/><input type='hidden' id='answerType385989' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385989[]' id='answer-id-1501380' class='answer   answerof-385989 ' value='1501380'   \/><label for='answer-id-1501380' id='answer-label-1501380' class=' answer'><span>Internal auditors.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385989[]' id='answer-id-1501381' class='answer   answerof-385989 ' value='1501381'   \/><label for='answer-id-1501381' id='answer-label-1501381' class=' answer'><span>Industry frameworks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385989[]' id='answer-id-1501382' class='answer   answerof-385989 ' value='1501382'   \/><label for='answer-id-1501382' id='answer-label-1501382' class=' answer'><span>Oversight organizations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385989[]' id='answer-id-1501383' class='answer   answerof-385989 ' value='1501383'   \/><label for='answer-id-1501383' id='answer-label-1501383' class=' answer'><span>Breach notifications from competitors.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-385990'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>What is one reason the European Union has enacted more comprehensive privacy laws than the United States?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='385990' \/><input type='hidden' id='answerType385990' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385990[]' id='answer-id-1501384' class='answer   answerof-385990 ' value='1501384'   \/><label for='answer-id-1501384' id='answer-label-1501384' class=' answer'><span>To ensure adequate enforcement of existing laws.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385990[]' id='answer-id-1501385' class='answer   answerof-385990 ' value='1501385'   \/><label for='answer-id-1501385' id='answer-label-1501385' class=' answer'><span>To ensure there is adequate funding for enforcement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385990[]' id='answer-id-1501386' class='answer   answerof-385990 ' value='1501386'   \/><label for='answer-id-1501386' id='answer-label-1501386' class=' answer'><span>To allow separate industries to set privacy standards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385990[]' id='answer-id-1501387' class='answer   answerof-385990 ' value='1501387'   \/><label for='answer-id-1501387' id='answer-label-1501387' class=' answer'><span>To allow the free movement of data between member countries.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-385991'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>All of the following changes will likely trigger a data inventory update EXCEPT?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='385991' \/><input type='hidden' id='answerType385991' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385991[]' id='answer-id-1501388' class='answer   answerof-385991 ' value='1501388'   \/><label for='answer-id-1501388' id='answer-label-1501388' class=' answer'><span>Outsourcing the Customer Relationship Management (CRM) function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385991[]' id='answer-id-1501389' class='answer   answerof-385991 ' value='1501389'   \/><label for='answer-id-1501389' id='answer-label-1501389' class=' answer'><span>Acquisition of a new subsidiary.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385991[]' id='answer-id-1501390' class='answer   answerof-385991 ' value='1501390'   \/><label for='answer-id-1501390' id='answer-label-1501390' class=' answer'><span>Onboarding of a new vendor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-385991[]' id='answer-id-1501391' class='answer   answerof-385991 ' value='1501391'   \/><label for='answer-id-1501391' id='answer-label-1501391' class=' answer'><span>Passage of a new privacy regulation.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-41'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons9661\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"9661\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-04-15 11:54:07\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1776254047\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"385952:1501232,1501233,1501234,1501235 | 385953:1501236,1501237,1501238,1501239 | 385954:1501240,1501241,1501242,1501243 | 385955:1501244,1501245,1501246,1501247 | 385956:1501248,1501249,1501250,1501251 | 385957:1501252,1501253,1501254,1501255 | 385958:1501256,1501257,1501258,1501259 | 385959:1501260,1501261,1501262,1501263 | 385960:1501264,1501265,1501266,1501267 | 385961:1501268,1501269,1501270,1501271 | 385962:1501272,1501273,1501274,1501275 | 385963:1501276,1501277,1501278,1501279 | 385964:1501280,1501281,1501282,1501283 | 385965:1501284,1501285,1501286,1501287 | 385966:1501288,1501289,1501290,1501291 | 385967:1501292,1501293,1501294,1501295 | 385968:1501296,1501297,1501298,1501299 | 385969:1501300,1501301,1501302,1501303 | 385970:1501304,1501305,1501306,1501307 | 385971:1501308,1501309,1501310,1501311 | 385972:1501312,1501313,1501314,1501315 | 385973:1501316,1501317,1501318,1501319 | 385974:1501320,1501321,1501322,1501323 | 385975:1501324,1501325,1501326,1501327 | 385976:1501328,1501329,1501330,1501331 | 385977:1501332,1501333,1501334,1501335 | 385978:1501336,1501337,1501338,1501339 | 385979:1501340,1501341,1501342,1501343 | 385980:1501344,1501345,1501346,1501347 | 385981:1501348,1501349,1501350,1501351 | 385982:1501352,1501353,1501354,1501355 | 385983:1501356,1501357,1501358,1501359 | 385984:1501360,1501361,1501362,1501363 | 385985:1501364,1501365,1501366,1501367 | 385986:1501368,1501369,1501370,1501371 | 385987:1501372,1501373,1501374,1501375 | 385988:1501376,1501377,1501378,1501379 | 385989:1501380,1501381,1501382,1501383 | 385990:1501384,1501385,1501386,1501387 | 385991:1501388,1501389,1501390,1501391\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"385952,385953,385954,385955,385956,385957,385958,385959,385960,385961,385962,385963,385964,385965,385966,385967,385968,385969,385970,385971,385972,385973,385974,385975,385976,385977,385978,385979,385980,385981,385982,385983,385984,385985,385986,385987,385988,385989,385990,385991\";\nWatuPROSettings[9661] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 9661;\t    \nWatuPRO.post_id = 104511;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.10360000 1776254047\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(9661);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>We can be sure that you can prepare confidently for the Certified Information Privacy Manager (CIPM) certification exam with DumpsBase. Our CIPM dumps (V14.02) are available with comprehensive questions and answers, ensuring your success in the actual exam on the first attempt. All these questions and answers are perfect for you to practice. You can [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10168,8844],"tags":[10167,19094],"class_list":["post-104511","post","type-post","status-publish","format-standard","hentry","category-cipm-certification","category-iapp","tag-cipm-free-dumps","tag-cipm-questions-and-answers"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/104511","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=104511"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/104511\/revisions"}],"predecessor-version":[{"id":104512,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/104511\/revisions\/104512"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=104511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=104511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=104511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}