CIPM - Class & Book (Exam Prep)

CIPM - Class & Book (Exam Prep) What are the general responsibilities of a Privacy Program Manager (1 of 4) - ANS - 1. Identify Privacy Obligations What are the general responsibilities of a Privacy Program Manager (2 ...

CIPM - Class & Book (Exam Prep) What are the general responsibilities of a Privacy Program Manager (1 of 4) - ANS - 1. Identify Privacy Obligations What are the general responsibilities of a Privacy Program Manager (2 of 4) - ANS - 2. Identify Business, Employee and Consumer Privacy Risks What are the general responsibilities of a Privacy Program Manager (3 of 4) - ANS - 3. Identify existing documentation, Policies & Procedures and revise/implement Policies & Procedures and together comprise a Privacy Program. What are the general responsibilities of a Privacy Program Manager (4 of 4) - ANS - 4. Continuously maintain and improve Privacy Program What are the main goals of a Privacy Program? (1 of 5) - ANS - 1. Demonstrate compliance with applicable laws and regulations (at a minimum) What are the main goals of a Privacy Program? (2 of 5) - ANS - 2. Promote consumer trust and confidence What are the main goals of a Privacy Program? (3 of 5) - ANS - 3. Enhance organization's reputation What are the main goals of a Privacy Program? (4 of 5) - ANS - 4. Facilitate privacy program awareness, where relevant, of employees, customers, partners and service providers. What are the main goals of a Privacy Program? (5 of 5) - ANS - 5. Respond effectively to privacy breaches What is Privacy Accountability? - ANS - Evidence and Responsibility. When we collecting data we need to be responsible for it and help accountable for its proper use. Explaining how you are compliant. Accountability gives a degree of flexibility into how the organization is going to comply with the obligations. What is the most important aspect of Privacy program management? Why? - ANS - Accountability; safekeeping and responsibile use of PI. What are some examples of diverse stakeholders that hold organizations accountable for Privacy? - ANS - Customers, Clients, Patients, The Public, Regulators/DPAs, Professional Organizations & Associations, Employees & Business Partners, Investors, Industry Watchdogs, The Media Privacy Program Motivators: Top 3 by Priority 1 - ANS - 1. Regulatory Compliance Privacy Program Motivators: Top 3 by Priority 2 - ANS - 2. Expectations of clients & partners Privacy Program Motivators: Top 3 by Priority 3 - ANS - 3. Safeguard against attacks and threats Organizational Alignment for Privacy Functions - ANS - Marketing, HR, IT, Finance, InfoSec What function might be responsible for PI collected through digital marketing; collected, used, shared. - ANS - Marketing What function might be responsible for privacy notice for digital advertising? - ANS - Marketing What function might be responsible for complaints, whistleblowing and investigations? - ANS - HR What function might be responsible for the ethics office? - ANS - HR What is an ethics office? - ANS - A trusted place where employees can take their complaints, outside the chain of command. What function might be responsible for ensuring all systems can enable privacy requirements? - ANS - IT What function might be responsible for operational & technical controls to reduce damange, loss or unauthorized access to systems, facilities or Data. - ANS - Information Security CIA Triad - ANS - Confidentiality, Integrity, Accountability What is Confidentiality - ANS - Preventing unauthorized disclosure of information What is integrity - ANS - Protecting from unauthorized or unintended alteration of deletion. What if Accountability - ANS - Making information accessible to authorized users. Tracking mechanisms in place Why is strategic management important and what does it accomplish? - ANS - Ensures strategic objectives are connected to the daily operations, assigns roles and expectations, grants powers, and verifies performance. SM identifies privacy leaders, resources (people, policy, processes and procedures. What is a Privacy Professional - ANS - General term used to describe a member of the privacy team who may be responsible for privacy program framework development, management, and reporting within an organization. What function would be responsible for Bonus Calculations? - ANS - FInance What function would be responsible for the information access policy? - ANS - Information Security What function would be responsible for Enabling system access? - ANS - IT What function would be responsible for Vendor Contracts? - ANS - Legal What are the main components of Privacy Governance? - A