Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIPM JUNE 2023 > Privacy Operation Life Cycle: Chapter 7 Sustain: Monitor and Audit > Flashcards

Privacy Operation Life Cycle: Chapter 7 Sustain: Monitor and Audit Flashcards

1
Q

Privacy Metrics

A

Reflect currency and value to org

Must add value by accurately reflecting the state of the business goals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Most popular metrics

A

Incident response
PIAs / DPIAs
Training and awareness
DSARs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Trend analysis

A

Time component: spot patterns, trend series

Cyclical component: regular fluctuations

Irregular component: remaining noise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Program Maturity Model (PMM)

A
  1. Ad Hoc: informal process
  2. Repeatable: procedures and process, not fully documented or covered
  3. Defined: fully documented, implemented, and cover all relevant aspects
  4. Managed: reviews are conducted to assess control effectiveness
  5. Optimized: regular review and feedback for continual improvement
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Categories for Board report

A
  1. Defending the company
    Number of incidents reported
    Number of incidents actual
    Number of reportable incidents
    Attempted intrusions
    Attempted DDOS attacks
    Average investigation and response time
  2. Complying with legal responsibilities and regulations
    Complaints by data subjects
    Data access requests
    Rectification requests
    Unsubscribe requests
    Erasure requests
    Stop processing requests
    Data download requests
  3. Advising the business
    PIAs (with ave completion time)
    DPIAs (with ave completion time)
    Staff receiving privacy training (percent)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Additional categories for reporting

A

Number of staff
Budget
Number of products or services using PD
Total number of data subjects
Number of processors

Ratio of privacy to org employees
Ratio of privacy to Legal employees
Process with consumer vs employee data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

GDPR mandated categories for reporting

A

DPIAs conducted
DSARs received
Complaints received
Data security incidents
How many elevated to notifications of DPAs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Monitor: types

A

Compliance: audits of collection, use, retention
Regulation: changes to law
Environment: internal and external factors
Training Data: by topic and employee

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Monitor: forms

A

Tools: active scanning
Audits: internal/external
Breaches: tracking types, severity
Complaints: type and origin
Data retention: records management, retention risk
Controls: assessing the design and efficacy
HR: investigations related to compliance
Suppliers/Third parties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Audits

A

Evaluating the effectiveness of controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Audit phases

A

Plan
Prepare
Audit
Reporting
Followup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Types of Privacy Program Metrics

A

Risk reduction metrics
Business enablement metrics
Data Enhancement metrics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CIPM JUNE 2023 (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions