CIPM Flashcards WITH 100% CORRECT ANSWERS

What are the 5 phases of a privacy program audit Planning, Preparation, Audit, Report, Followup What happens during the audit planning phase of PPARF? Risk assessment, schedule, selecting auditor, pre-audit questionnaire, preparatory meeting/visit and checklist What happens during the Audit Preparation phase of PPARF? Confirm schedule, confirm and prepare checklists, sampling criteria and audit plan What Happens during the Audit phase of PPARF? Meeting and audit execution What happens during the report phase of PPARF? Noncompliance records and categories (major/minor), audit report, closing meeting and distribution What happens during the followup phase of PPARF? Confirm scope, schedule, methodology and closure What are the three types of privacy governance models? (privacy governance may be "___, _____, or ______." Centralized, Localized, or Hybrid When creating your privacy office governance model, you should consider what 4 factors? 1. existing organisational structure, 2. position and authority of the privacy team, 3. involvement level of senior leadership and internal stakeholder 4. The development of internal partnerships. What are the advantages/disadvantages of the hybrid governance model? Advantage: Resources of larger centralized org Disadvantage: Decentralized decision making provides less big picture vision What are the 5 maturity levels of the GAPP Privacy Maturity Model? 1. Ad Hoc 2. Repeatable 3. Defined 4. Managed 5. Optimized (ARDMO) What are the 5 mechanisms that allow organizations to transfer data across borders? (there is something else you must also have) 1. Adequacy Decisions 2. Ad Hoc Contracts 3. Standard Contractual Clauses 4.Binding Corporate Rules 5. Codes of Conduct/Self Certification Mechanisms (You must also have legal basis for processing data in addition to any of these prior to transfer)