ExamGecko
Search Search Login
Home Home / IAPP / CIPM
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?
Under the GDPR. when the applicable lawful basis for the processing of personal data is a legal obligation with which the controller must comply. which right can the data subject exercise?
Your company provides a SaaS tool for B2B services and does not interact with individual consumers. A client's current employee reaches out with a right to delete request. what is the most appropriate response?
A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?
Your marketing team wants to know why they need a check box for their SMS opt-in. You explain it is part of the consumer's right to?
In a sample metric template, what does ''target'' mean?
An online retailer detects an incident involving customer shopping history but no keys have been compromised. The Privacy Offce is most concerned when it also involves?
Under the General Data Protection Regulation (GDPR), what must be included in a written agreement between the controller and processor in relation to processing conducted on the controller's behalf?
When a data breach incident has occurred. the first priority is to determine?
You would like to better understand how your organization can demonstrate compliance with international privacy standards and identify gaps for remediation. What steps could you take to achieve this objective?

Question 10 - CIPM discussion

Report
Export

What is one obligation that the General Data Protection Regulation (GDPR) imposes on data processors?

A.

To honor all data access requests from data subjects.

Answers
A.

To honor all data access requests from data subjects.

B.

To inform data subjects about the identity and contact details of the controller.

Answers
B.

To inform data subjects about the identity and contact details of the controller.

C.

To implement appropriate technical and organizational measures that ensure an appropriate level of security.

Answers
C.

To implement appropriate technical and organizational measures that ensure an appropriate level of security.

D.

To carry out data protection impact assessments in cases where processing is likely to result in high risk to the rights and freedoms of individuals.

Answers
D.

To carry out data protection impact assessments in cases where processing is likely to result in high risk to the rights and freedoms of individuals.

Suggested answer: C

Explanation:

The GDPR imposes several obligations on data processors, such as maintaining records of processing activities, cooperating with supervisory authorities, and notifying data controllers of personal data breaches. One of these obligations is to implement appropriate technical and organizational measures that ensure an appropriate level of security for the personal data processed on behalf of the data controller.This is stated in Article 28(1) and Article 32 of the GDPR1. The other options are not obligations of data processors under the GDPR, but rather of data controllers or joint responsibilities of both parties.Reference:GDPR

Show Answer
asked 22/11/2024
Sébastien PIERRE
48 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms