Free Preparation Discussions
MENU
IAPP CIPP/US Exam - Topic 2 Question 79 Discussion
Topic #: 2
All of the following are tasks in the ''Discover'' phase of building an information management program EXCEPT?
The ''Discover'' phase of building an information management program is the first step in the process of creating a privacy framework. It involves identifying the types, sources, and flows of personal information within an organization, as well as the legal, regulatory, and contractual obligations that apply to it. The tasks in this phase include:
Conducting a data inventory and mapping exercise to document what personal information is collected, used, shared, and stored by the organization, and how it is protected.
Assessing the current state of privacy compliance and risk by reviewing existing policies, procedures, and practices, and identifying any gaps or weaknesses.
Understanding the laws that regulate a company's collection of information, such as the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act (CCPA).
Facilitating participation across departments and levels to ensure that all stakeholders are involved and informed of the privacy goals and objectives, and to foster a culture of privacy awareness and accountability.
Developing a process for review and update of privacy policies is not a task in the ''Discover'' phase, but rather in the ''Implement'' phase, which is the third step in the process of creating a privacy framework. It involves putting the privacy policies and procedures into action, and ensuring that they are effective and compliant. The tasks in this phase include:
Developing a process for review and update of privacy policies to reflect changes in the business environment, legal requirements, and best practices, and to incorporate feedback from internal and external audits and assessments.
Implementing privacy training and awareness programs to educate employees and other relevant parties on their roles and responsibilities regarding privacy, and to promote a privacy-by-design approach.
Establishing privacy governance and oversight mechanisms to monitor and measure the performance and outcomes of the privacy program, and to ensure accountability and transparency.
Developing a process for responding to privacy incidents and requests from data subjects, regulators, and other parties, and to mitigate and remediate any privacy risks or harms.
IAPP CIPP/US Body of Knowledge, Domain I: Information Management from a U.S. Perspective, Section A: Building a Privacy Program
IAPP CIPP/US Certified Information Privacy Professional Study Guide, Chapter 1: Information Management from a U.S. Perspective, Section 1.1: Building a Privacy Program
Practice Exam - International Association of Privacy Professionals
Denna
3 months agoAnnmarie
3 months agoLoise
3 months agoLouisa
3 months agoRaul
4 months agoCelestina
4 months agoAndra
4 months agoAbel
4 months agoMaryann
5 months agoRefugia
5 months agoJoaquin
5 months agoJustine
5 months agoMing
5 months agoRuth
9 months agoGerman
9 months agoJanet
9 months agoAmira
9 months agoGilma
10 months agoHerminia
8 months agoCarin
8 months agoArlean
9 months agoJenelle
9 months agoKizzy
10 months agoMarla
10 months agoMarva
10 months agoMarla
10 months agoHaydee
10 months agoTimothy
9 months agoVicki
9 months agoZena
10 months agoGlennis
10 months agoDelisa
10 months agoPaz
10 months ago