DCPLA Exam Dumps - DSCI Certification Questions and Answers

There are several privacy incidents reported in an organization. The organization plans to analyze and learn from these incidents. Which privacy practice will the organization have to implement for the same?

Which of the following is not an objective of VPI?

__________ calls for inclusion of data protection from the onset of the designing of systems.

As a privacy assessor, what would most likely be the first artefact you would ask for while assessing an organization which claims that it has implemented a privacy program?

Following aspects can serve as inputs to a privacy organization for ensuring privacy protection:

I) Privacy related incidents detected/reported

II) Contractual obligations

III) Organization's exposure to personal information

IV) Regulatory requirements

Create an inventory of the specific contractual terms that explicitly mention the data protection requirements. This an imperative of which DPF practice area?

What are the Nine Privacy Principles as described in DSCI Privacy Framework (DPF©)?

I) Use Limitation

II) Accountability

III) Data Quality

IV) Notice

V) Preventing Harm

VI) Choice & Consent

VII) Access and Correction

VIII) Data Minimization

IX) Openness

X) Disclosure to Third Parties

XI) Right to be Forgotten

XII) Collection limitation

XIII) Security

Classify the following scenario as major or minor non-conformity.

“The organization has a very mature information security policy. Lately, the organization has realized the need to focus on protection of PI. A formal PI identification exercise was done for this purpose and a mapping of PI and security controls was done. The organization has also put in place data masking technology in certain functions where the SPI was accessed by employees of a third party. However, the organization is yet to include PI specifically in its risk assessment exercise, incident management, testing, data classification and security architecture programs.”

What are the two phases of DSCI Privacy Third Party Assessment?

As a privacy lead assessor assessing the company for DSCI’s privacy certification, you are assessing the adequacy of resources and skills in the organization, to address privacy related responsibilities.

Which DSCI Privacy Framework (DPF©) practice area is relevant?