Exam (elaborations)
CIPM QUESTIONS WITH ANSWERS
- Course
- Institution
CIPM QUESTIONS WITH ANSWERS
[Show more]
Seller
Follow
Content preview
CIPM QUESTIONS WITH ANSWERS.Proactive privacy management is accomplished through three tasks ANS -1) Define your organization's
privacy vision and privacy mission statements 2) Develop privacy strategy 3) Structure your privacy team
This is needed to structure responsibilities with business goals ANS -Strategic Management
Identifies alignment to organizational vision and defines the privacy leaders for an organization, along
with the resources necessary to execute the vision. ANS -Strategic Management model
Member of the privacy team who may be responsible for privacy program framework development,
management and reporting within an organization ANS -Privacy professional
Strategic management of privacy starts by ANS -creating or updating the company's vision and mission
statement based on privacy best practice
Privacy best practices ANS -1) Develop vision and mission statement objectives 2) define privacy
program scope 3)identify legal and regulatory compliance challenges 4) identify organization personal
information legal requirements
This key factor that lays the groundwork for the rest of the privacy program elements and is typically
comprised of a short sentence or two that describe the purpose and ideas in less than 30 seconds. ANS -
Vision or mission statement
This explains what you do as an organization, not who you are; what the organization stands for and
why what you do an an organization to protect personal information is done ANS -Mission Statement
What are the steps in the five step metric cycle ANS -Identify, Define, Select, Collect, Analyze
The first step in the selecting the correct metrics starts by what? ANS -Identifying the intended metric
audience
,The primary audience for metrics may include ANS -Legal and privacy officers, senior leadership; CIO,
CSO, PM, Information Systems Owner (ISO), Information Security Officer (ISO), Others considered users
and managers
The secondary audience includes those who may not have privacy as a primary task include ANS -CFO,
Training organizations, HR, IG, HIPPA security officials
The tertiary audiences may be considered, based on the organization's specific or unique requirements
such as who? ANS -External watch dog groups, Sponsors, Stockholders
The difference between metrics audiences is based on what? ANS -Level of interest, influence and
responsibility to privacy within the business objectives, laws and regulations, or ownership
Specific to Healthcare metrics, audiences may include whom? ANS -HIPPA privacy officers, medical
interdisciplinary readiness teams (MIRTs), senior executive staff, covered entity workforce, self
assessment tool and risk analysis/management
What is the second step in the metric life cycle? ANS -Define Reporting Procedures
A metric owner must be able to do what? ANS -Evangelize the purpose and intent of that metric to the
organization
This person is the process owner, champion, advocate and evangelist responsible for management of
the metric throughout the metric life cycle ANS -Metric Owner
As Six Sigma teaches, an effective metric owner must do what? ANS -1) Know what is critical about the
metric, 2) Monitor process performance with the metric, 3) Make sure the process documentation is up
to date, 4) Perform regular reviews, 5) Make sure that any improvements are incorporated and
maintained in the process, 6) Advocate the metric to customers, partners and others, 7) Maintain
training, documentation, and materials
As a general practice, who should not perform the data collection tasks or perform the measurements of
the metric? ANS -Metric Owner
, What is the third step in the metric life cycle ANS -Select Privacy Metrics
Selecting the correct privacy metric requires what? ANS -Full understanding of the business objectives
and goals, along with a clear understanding of the primary business functions.
Prior to selecting metrics, the reader should first understand what? ANS -Attributes of an effective
metric with metric taxonomy and how to limit improper metrics.
An effective metric is a clear and concise metric that defines and measures what? ANS -Progress toward
a business objective or goal without overburdening the reader
Good metrics should not do what? ANS -Overburden the reader
A metric should be clear in the meaning of what is being measured and what else? ANS -1) Rigorously
defined, 2) Credible and relevant, 3) Objective and quantifiable 4) Associated with the baseline
measurement per the organization standard metric taxonomy
If a standard metric taxonomy does not exist, privacy professionals can generate their own using the
best practices from where? ANS -NIST, NISTIR 7564, "Directions in Security Metrics Research"
A mission statement should include what five items? ANS -Value the organization places on privacy,
Desired organizational objectives, Strategies to drive the tactics used to achieve the intended outcomes,
Clarification of roles and responsibilities
Strategic Management assigns roles, sets expectations grants powers and what? ANS -Verifies
performance
This model identifies alignment to organization vision and defines the privacy leaders for an
organization, along with the resources (people, policy, processes, and procedures) necessary to execute
vision ANS -Strategic Management Model
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller PROFESSORAILAH. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
64438 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now