Question 1

Which of the following statements is true with respect to organization’s privacy training and awareness program?

Options :

A : It should define roles and responsibilities of personnel in privacy function

B : It should cover employees of service provider dealing with personal information

C :

It should necessarily cover officials from Law Enforcement Agencies that request lawful access to personal information

D : None of the above

Answer: A

Question 2

Which of the following is not in line with the modem definition of Consent?

Options :

A : Consent is taken by clear and affirmative action

B : Consenting individual should have the ability to withdraw consent

C : Consent should be bundled in nature

D : Purpose of processing should be informed to the individual before consenting

Answer: C

Question 3

A newly appointed Data Protection officer is reviewing the organization’s existing privacy policy. Which of the following would be the most critical factor for the review process?

Options :

A : Awareness of the business units about the privacy policy

B : Changes in the legal/regulatory regime

C : Privacy policies of industry peers

D : Foreseeable challenges in the effective implementation of the policy

Answer: B

Question 4

The concept of data adequacy is based on the principle of _________.

Options :

A : Adequate compliance

B : Dissimilarity of legislations

C : Essential equivalence

D : Essential assessment

Answer: C

Question 5

Which of the following are the key factors that need to be considered for determining the applicability of the privacy principles? (Choose all that apply.)

Options :

A : The role of the organization in determining the purpose of the data collection

B : How and where the data is coming in the organization

C : Requirements stipulated by the local authorities from where the organization operating

D : Organization’s commitment to the external stakeholder with respect to privacy

Answer: A,B