Exin PDPF Exam - Topic 8 Question 15 Discussion

Actual exam question for Exin's PDPF exam

Question #: 15
Topic #: 8

[All PDPF Questions]

What is the purpose of a data protection audit by the supervisory authority?

ATo monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR.

BTo fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection.

CTo advise the controller on the mitigation of privacy risks to protect the controller from liability claims for
non-compliance.

Show Suggested Answer

Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))

by Theodora at May 10, 2022, 12:47 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Stacey

5 months ago

Definitely a mix of monitoring and advising, but compliance is priority!

upvoted 0 times

...

Cletus

5 months ago

Wait, can they really enforce compliance like that?

upvoted 0 times

...

Margart

5 months ago

I thought it was more about advising on risks?

upvoted 0 times

...

Tracey

5 months ago

Totally agree, monitoring is key!

upvoted 0 times

...

Novella

6 months ago

It's mainly to ensure compliance with the GDPR.

upvoted 0 times

...

Whitley

6 months ago

I’m a bit confused about the role of the supervisory authority. Is it really to advise on risk mitigation like option C suggests? That doesn’t seem right.

upvoted 0 times

...

Alberta

6 months ago

I feel like I’ve seen a question similar to this before, and it was about compliance monitoring, which makes me think A is correct.

upvoted 0 times

...

Stephaine

6 months ago

I remember studying about the obligations under GDPR, but I’m not sure if that’s the main focus of the audit. Could it be option B instead?

upvoted 0 times

...

Gilbert

6 months ago

I think the main purpose of the audit is to ensure compliance with the GDPR, so I’m leaning towards option A.

upvoted 0 times

...

Glendora

6 months ago

Ah, I think I've got it. The output is likely a MailMessage object, which can handle the different email formats. Time to select my answer!

upvoted 0 times

...

France

6 months ago

This looks straightforward, I just need to divide the defects by the total units and convert to a percentage.

upvoted 0 times

...

Kayleigh

6 months ago

This question seems straightforward, I think I can handle it.

upvoted 0 times

...

Edna

6 months ago

The election process in a replication cluster is important, so I'll need to review my notes on the different node types and their roles. B. Arbiter sounds right, but I want to double-check.

upvoted 0 times

...