ExamGecko
Search Search Login
Home Home / IAPP / CIPM
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your marketing team wants to know why they need a check box for their SMS opt-in. You explain it is part of the consumer's right to?
In a sample metric template, what does ''target'' mean?
An online retailer detects an incident involving customer shopping history but no keys have been compromised. The Privacy Offce is most concerned when it also involves?
Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?
Under the GDPR. when the applicable lawful basis for the processing of personal data is a legal obligation with which the controller must comply. which right can the data subject exercise?
Under the General Data Protection Regulation (GDPR), what must be included in a written agreement between the controller and processor in relation to processing conducted on the controller's behalf?
When a data breach incident has occurred. the first priority is to determine?
Your company provides a SaaS tool for B2B services and does not interact with individual consumers. A client's current employee reaches out with a right to delete request. what is the most appropriate response?
A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?
You would like to better understand how your organization can demonstrate compliance with international privacy standards and identify gaps for remediation. What steps could you take to achieve this objective?

Question 67 - CIPM discussion

Report
Export

Under the General Data Protection Regulation (GDPR), what must be included in a written agreement between the controller and processor in relation to processing conducted on the controller's behalf?

A.

An obligation on the processor to report any personal data breach to the controller within 72 hours.

Answers
A.

An obligation on the processor to report any personal data breach to the controller within 72 hours.

B.

An obligation on both parties to report any serious personal data breach to the supervisory authority.

Answers
B.

An obligation on both parties to report any serious personal data breach to the supervisory authority.

C.

An obligation on both parties to agree to a termination of the agreement if the other party is responsible for a personal data breach.

Answers
C.

An obligation on both parties to agree to a termination of the agreement if the other party is responsible for a personal data breach.

D.

An obligation on the processor to assist the controller in complying with the controller's obligations to notify the supervisory authority about personal data breaches.

Answers
D.

An obligation on the processor to assist the controller in complying with the controller's obligations to notify the supervisory authority about personal data breaches.

Suggested answer: D

Explanation:

Under the GDPR, a written agreement between the controller and processor must include an obligation on the processor to assist the controller in complying with the controller's obligations to notify the supervisory authority and the data subjects about personal data breaches.This is stated in Article 28(3)(f) of the GDPR1. The other options are not required by the GDPR, although they may be included in the agreement as additional clauses.The obligation to report any personal data breach to the controller within 72 hours is imposed on the processor by Article 33(2) of the GDPR1, not by the agreement.The obligation to report any serious personal data breach to the supervisory authority is imposed on the controller by Article 33(1) of the GDPR1, not by the agreement. The termination of the agreement in case of a personal data breach is not a mandatory provision under the GDPR, but rather a contractual matter that may depend on the circumstances and severity of the breach.Reference:GDPR

Show Answer
asked 22/11/2024
Budi Gunawan
46 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms