Which of the following should be the FIRST consideration when conducting a privacy impact assessment (PIA)?

• A.The applicable privacy legislation
• B.The quantity of information within the scope of the assessment
• C.The systems in which privacy-related data is stored
• D.The organizational security risk profile

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the GREATEST obstacle to conducting a privacy impact assessment (PIA)?

• A.Conducting a PIA requires significant funding and resources.
• B.PIAs need to be performed many times in a year.
• C.The organization lacks knowledge of PIA methodology.
• D.The value proposition of a PIA is not understood by management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following scenarios poses the GREATEST risk to an organization from a privacy perspective?

• A.The organization lacks a hardware disposal policy.
• B.Emails are not consistently encrypted when sent internally.
• C.Privacy training is carried out by a service provider.
• D.The organization's privacy policy has not been reviewed in over a year.

Comment: *

Name: *

Email: *

Verification: *

An IT privacy practitioner wants to test an application in pre-production that will be processing sensitive personal dat a. Which of the following testing methods is BEST used to identity and review the application's runtime modules?

• A.Static application security testing (SAST)
• B.Dynamic application security testing (DAST)
• C.Regression testing
• D.Software composition analysis

Comment: *

Name: *

Email: *

Verification: *

During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?

• A.Functional testing
• B.Development
• C.Production
• D.User acceptance testing (UAT)

Comment: *

Name: *

Email: *

Verification: *