CIPM Exam Questions

SCENARIO Please use the following to answer the next question: Martin Briseño is the director of human resources at the Canyon City location of the U.S. hotel chain Pacific Suites....

SCENARIO Please use the following to answer the next question: Martin Briseño is the director of human resources at the Canyon City location of the U.S. hotel chain Pacific Suites....

SCENARIO Please use the following to answer the next question: Martin Briseño is the director of human resources at the Canyon City location of the U.S. hotel chain Pacific Suites....

SCENARIO Please use the following to answer the next question: Martin Briseño is the director of human resources at the Canyon City location of the U.S. hotel chain Pacific Suites....

SCENARIO Please use the following to answer the next question: Martin Briseño is the director of human resources at the Canyon City location of the U.S. hotel chain Pacific Suites....

A Human Resources director at a company reported that a laptop containing employee payroll data was lost on the train. Which action should the company take IMMEDIATELY?

Read the following steps: - Perform frequent data back-ups. - Perform test restorations to verify integrity of backed-up data. - Maintain backed-up data offline or on separate serv...

The General Data Protection Regulation (GDPR) specifies fines that may be levied against data controllers for certain infringements. Which of the following will be subject to admin...

SCENARIO Please use the following to answer the next question. Manasa is a product manager at Omnipresent Omnimedia, where she is responsible for leading the development of the com...

What is the main purpose in notifying data subjects of a data breach?

Under the General Data Protection Regulation (GDPR), which situation would be LEAST likely to require a Data Protection Impact Assessment (DPIA)?

Under the General Data Protection Regulation (GDPR), which of the following situations would LEAST likely require a controller to notify a data subject?

SCENARIO Please use the following to answer the next question: Penny has recently joined Ace Space, a company that sells homeware accessories online, as its new privacy officer. Th...

SCENARIO Please use the following to answer the next question: Penny has recently joined Ace Space, a company that sells homeware accessories online, as its new privacy officer. Th...

SCENARIO Please use the following to answer the next question: Penny has recently joined Ace Space, a company that sells homeware accessories online, as its new privacy officer. Th...

Which of the documents below assists the Privacy Manager in identifying and responding to a request from an individual about what personal information the organization holds about...

Which of the following is the optimum first step to take when creating a Privacy Officer governance model?

Which of the following helps build trust with customers and stakeholders?

Which of the following is NOT an important factor to consider when developing a data retention policy?

When supporting the business and data privacy program expanding into a new jurisdiction, it is important to do all of the following EXCEPT?

When building a data privacy program, what is a good starting point to understand the scope of privacy program needs?

Which of the following actions is NOT required during a data privacy diligence process for Merger & Acquisition (M&A) deals?

When devising effective employee policies to address a particular issue, which of the following should be included in the first draft?

Your company wants to convert paper records that contain customer personal information into electronic form, upload the records into a new third-party marketing tool and then merge...

A minimum requirement for carrying out a Data Protection Impact Assessment (DPIA) would include?

Which of the following best supports implementing controls to bring privacy policies into effect?

What is most critical when outsourcing data destruction service?

Data retention and destruction policies should meet all of the following requirements EXCEPT?

What is least likely to be achieved by implementing a Data Lifecycle Management (DLM) program?

There are different forms of monitoring available for organizations to consider when aligning with their privacy program goals. Which of the following forms of monitoring is best d...

Which will best assist you in quickly identifying weaknesses in your network and storage?

Which of the following is NOT a type of privacy program metric?

How do privacy audits differ from privacy assessments?

An organization's internal audit team should do all of the following EXCEPT?

"Respond" in the privacy operational lifecycle includes which of the following?

If your organization has a recurring issue with colleagues not reporting personal data breaches, all of the following are advisable to do EXCEPT?

Which of the following information must be provided by the data controller when complying with GDPR "right to be informed" requirements?

A Data Privacy Officer (DPO) who posts privacy message reminders on posters and on company video screens throughout the office to reinforce the organization's privacy message is fu...

The primary purpose of privacy awareness activities is to?

SCENARIO Please use the following to answer the next question: Your organization, the Chicago (U.S.)-based Society for Urban Greenspace, has used the same vendor to operate all asp...

Which of the following controls are generally NOT part of a Privacy Impact Assessment (PIA) review?

When developing a privacy program and selecting a program sponsor or "champion" the most important consideration should be?

All of the following are components of a data collection notice EXCEPT?

SCENARIO Please use the following to answer the next question: Penny has recently joined Ace Space, a company that sells homeware accessories online, as its new privacy officer. Th...

Which of the following is least relevant to establishing a culture of data privacy at a company?

A Privacy Program Framework is an implementation roadmap that does all of the following EXCEPT?

SCENARIO Please use the following to answer the next question: Hi Zoe, Thank you so much for your email. I am so glad you have jumped right into your new position as our in-house p...

SCENARIO Please use the following to answer the next question: Hi Zoe, Thank you so much for your email. I am so glad you have jumped right into your new position as our in-house p...

SCENARIO Please use the following to answer the next question: Hi Zoe, Thank you so much for your email. I am so glad you have jumped right into your new position as our in-house p...

SCENARIO Please use the following to answer the next question: Hi Zoe, Thank you so much for your email. I am so glad you have jumped right into your new position as our in-house p...