Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

DSCI DCPLA Exam - Topic 1 Question 43 Discussion

Actual exam question for DSCI's DCPLA exam
Question #: 43
Topic #: 1
[All DCPLA Questions]

Classify the following scenario as major or minor non-conformity.

''The organization has a very mature information security policy. Lately, the organization has realized the need to focus on protection of PI. A formal PI identification exercise was done for this purpose and a mapping of PI and security controls was done. The organization has also put in place data masking technology in certain functions where the SPI was accessed by employees of a third party. However, the organization is yet to include PI specifically in its risk assessment exercise, incident management, testing, data classification and security architecture programs.''

Show Suggested Answer Hide Answer
Suggested Answer: C

by Hermila at Sep 17, 2024, 02:08 PM

Limited Time Offer

25%

Off

Get Premium DCPLA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Eden
6 months ago
Both major and minor, they’re halfway there but not fully compliant.
upvoted 0 times
...
Dulce
6 months ago
Definitely a major issue, they need to step up their game.
upvoted 0 times
...
Virgina
6 months ago
Wait, they haven't included PI in risk assessments? That's surprising!
upvoted 0 times
...
Corinne
7 months ago
I think it's minor since they have some controls in place.
upvoted 0 times
...
Ngoc
7 months ago
Sounds like a major non-conformity to me.
upvoted 0 times
...
Jillian
7 months ago
I feel like this could be a minor issue since they are taking steps to protect PI, but I’m not confident about that.
upvoted 0 times
...
Avery
7 months ago
It seems like they have some good measures in place, but the lack of PI in their risk assessment makes me think it could be both major and minor.
upvoted 0 times
...
Myra
7 months ago
I remember a practice question where the absence of key controls led to a major non-conformity, but I'm not entirely sure if this situation is the same.
upvoted 0 times
...
Florencia
8 months ago
I'm leaning towards this being a major non-conformity since they haven't included PI in critical areas like risk assessment and incident management.
upvoted 0 times
...
Maybelle
8 months ago
Interesting scenario. The organization seems to be on the right track, but the lack of PI integration in certain areas is concerning. I'll need to carefully weigh all the factors.
upvoted 0 times
...
Kris
8 months ago
This is a tough call. They've made progress, but still have gaps. I'll need to really think through the significance of the missing elements to decide if it's major or minor.
upvoted 0 times
...
Beth
8 months ago
Okay, they've got a mature security policy and have done some PI identification and protection, but are missing it in key areas. I'm leaning towards major non-conformity, but I'll double-check the criteria.
upvoted 0 times
...
Honey
8 months ago
Hmm, the organization has taken some good steps, but it sounds like they still have work to do to fully integrate PI protection into their processes. I'll need to weigh the positives and negatives.
upvoted 0 times
...
Carla
8 months ago
This seems like a tricky one. I'll need to carefully analyze the details to determine if this is a major or minor non-conformity.
upvoted 0 times
...
Maryln
2 years ago
I'm with Glendora on this one. Protecting PI should be a top priority, and not having it properly integrated into their security programs is a major issue. Time to step it up!
upvoted 0 times
...
Lynelle
2 years ago
Hmm, I'm going to go with 'Both Major & Minor' on this one. The organization has made some good progress, but still has work to do to fully integrate PI protection into their security practices.
upvoted 0 times
...
Glendora
2 years ago
I disagree. This seems like a major non-conformity to me. Failing to include PI in risk assessment, incident management, and other core security functions is a significant gap that needs to be addressed.
upvoted 0 times
Alishia
2 years ago
User 4: A) Major
upvoted 0 times
...
Mirta
2 years ago
User 3: C) Both Major & Minor
upvoted 0 times
...
Natalie
2 years ago
User 2: B) Minor
upvoted 0 times
...
Elly
2 years ago
A) Major
upvoted 0 times
...
...
Desmond
2 years ago
Agreed, this is a tough one. I can see both sides, but I think the fact that they've at least started the process with data masking and PI identification pushes it more towards 'Minor' in my book. Baby steps, people!
upvoted 0 times
...
Remona
2 years ago
Are we sure this isn't a trick question? It's almost too easy. Where's the catch?
upvoted 0 times
Marylou
2 years ago
B) Minor
upvoted 0 times
...
Lanie
2 years ago
It seems pretty straightforward to me.
upvoted 0 times
...
Nieves
2 years ago
A) Major
upvoted 0 times
...
...
Pearline
2 years ago
I see your point, but maybe it could also be considered a minor non-conformity since they have taken steps to protect PI in certain areas.
upvoted 0 times
...
Britt
2 years ago
I'm going with B. They've already made some good progress, even if they haven't finished the job yet.
upvoted 0 times
Danilo
2 years ago
User1: True, they're on the right track though.
upvoted 0 times
...
Theola
2 years ago
User3: I agree, but they still need to include PI in other areas like risk assessment and incident management.
upvoted 0 times
...
Francoise
2 years ago
Yeah, they've made some progress with the data masking technology.
upvoted 0 times
...
Edward
2 years ago
C) Both Major & Minor
upvoted 0 times
...
Latricia
2 years ago
I think it's a minor non-conformity.
upvoted 0 times
...
Theodora
2 years ago
B) Minor
upvoted 0 times
...
Darrel
2 years ago
A) Major
upvoted 0 times
...
...
Sean
2 years ago
I agree with Elly. Not including PI in risk assessment and incident management is a big risk for the organization.
upvoted 0 times
...
Carissa
2 years ago
I think this is a major non-conformity. The organization has a lot of work to do to properly protect PI.
upvoted 0 times
...
Rosendo
2 years ago
Hmm, this seems like a tricky one. I'm leaning towards C, but I'm not totally sure.
upvoted 0 times
Jody
2 years ago
It's definitely a mix of major and minor non-conformity.
upvoted 0 times
...
Trina
2 years ago
Maybe they should prioritize including PI in their risk assessment.
upvoted 0 times
...
Donte
2 years ago
I agree, it seems like there are important aspects missing.
upvoted 0 times
...
Irma
2 years ago
I think it could be both major and minor.
upvoted 0 times
...
...
Elly
2 years ago
I think it's a major non-conformity because PI should be included in all aspects of information security.
upvoted 0 times
...

Save Cancel