Download CIPM Practice Part 1 Exam 29 Questions with Verified Answers,100% CORRECT and more Exams Nursing in PDF only on Docsity! CIPM Practice Part 1 Exam 29 Questions with Verified Answers In addition to regulatory requirements and business practices, what important factors must a global privacy strategy consider? - CORRECT ANSWER Cultural Norms How are individual program needs and specific organizational goals identified in privacy framework development? - CORRECT ANSWER By employing metrics to align privacy protection with objectives In privacy protection, what is a "covered entity?" - CORRECT ANSWER An organization subject to the privacy provisions of HIPAA Which of the following is an example of Privacy by Design (PbD)? - CORRECT ANSWER The information technology group uses privacy considerations to inform the development of new networking software What is the key factor that lays the foundation for all other elements of a privacy program? - CORRECT ANSWER A privacy mission statement Albert/Treasure Box Case Study: In consideration of the company's new initiatives, which of the following laws and regulations would be most appropriate for Albert to mention at the interview as a priority concern for the privacy team? - CORRECT ANSWER Health Insurance Portability and Accountability Act (HIPAA) Albert/Treasure Box Case Study: On which of the following topics does Albert most likely need additional knowledge? - CORRECT ANSWER The requirements for a managerial position with privacy protection duties Albert/Treasure Box Case Study: Based on Albert's observations, executive leadership should most likely pay closer attention to what? - CORRECT ANSWER Outdated security frameworks Albert/Treasure Box Case Study: Based on Albert's observations regarding recent security incidents, which of the following should he suggest as a priority for Treasure Box? - CORRECT ANSWER Using a third-party auditor to address privacy protection issues not recognized by the prior internal audits Albert/Treasure Box Case Study: What is one important factor that Albert fails to consider regarding Treasure Box's response to their recent security incident? - CORRECT ANSWER What the nature of the data is Albert/Treasure Box Case Study: The company may start to earn back the trust of its customer base by following Albert's suggestion regarding which handling procedure? - CORRECT ANSWER Access Penny/Ace Space Case Study: To help Penny and her CEO with their objectives, what would be the most helpful approach to address her IT concerns? - CORRECT ANSWER Ensure inventory of IT assets is maintained Penny/Ace Space Case Study: To establish the current baseline of Ace Space's privacy maturity, Penny should consider all of the following factors EXCEPT? - CORRECT ANSWER Ace Space's content sharing practices on social media Penny/Ace Space Case Study: What is the best way for Penny to understand the location, classification and processing purpose of the personal data Ace Space has? - CORRECT ANSWER Analyze the data inventory to map data flows Penny/Ace Space Case Study: What information will be LEAST crucial from a privacy perspective in Penny's review of vendor contracts? - CORRECT ANSWER Pricing for data security protections "Collection," "access" and "destruction" are aspects of what privacy management process? - CORRECT ANSWER The data governance strategy What does it mean to "rationalize" data protection requirements? - CORRECT ANSWER Look for overlaps in laws and regulations from which a common solution can be developed