Free Preparation Discussions
MENU
IAPP CIPP/US Exam - Topic 2 Question 79 Discussion
Topic #: 2
All of the following are tasks in the ''Discover'' phase of building an information management program EXCEPT?
The ''Discover'' phase of building an information management program is the first step in the process of creating a privacy framework. It involves identifying the types, sources, and flows of personal information within an organization, as well as the legal, regulatory, and contractual obligations that apply to it. The tasks in this phase include:
Conducting a data inventory and mapping exercise to document what personal information is collected, used, shared, and stored by the organization, and how it is protected.
Assessing the current state of privacy compliance and risk by reviewing existing policies, procedures, and practices, and identifying any gaps or weaknesses.
Understanding the laws that regulate a company's collection of information, such as the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act (CCPA).
Facilitating participation across departments and levels to ensure that all stakeholders are involved and informed of the privacy goals and objectives, and to foster a culture of privacy awareness and accountability.
Developing a process for review and update of privacy policies is not a task in the ''Discover'' phase, but rather in the ''Implement'' phase, which is the third step in the process of creating a privacy framework. It involves putting the privacy policies and procedures into action, and ensuring that they are effective and compliant. The tasks in this phase include:
Developing a process for review and update of privacy policies to reflect changes in the business environment, legal requirements, and best practices, and to incorporate feedback from internal and external audits and assessments.
Implementing privacy training and awareness programs to educate employees and other relevant parties on their roles and responsibilities regarding privacy, and to promote a privacy-by-design approach.
Establishing privacy governance and oversight mechanisms to monitor and measure the performance and outcomes of the privacy program, and to ensure accountability and transparency.
Developing a process for responding to privacy incidents and requests from data subjects, regulators, and other parties, and to mitigate and remediate any privacy risks or harms.
IAPP CIPP/US Body of Knowledge, Domain I: Information Management from a U.S. Perspective, Section A: Building a Privacy Program
IAPP CIPP/US Certified Information Privacy Professional Study Guide, Chapter 1: Information Management from a U.S. Perspective, Section 1.1: Building a Privacy Program
Practice Exam - International Association of Privacy Professionals
Denna
4 months agoAnnmarie
5 months agoLoise
5 months agoLouisa
5 months agoRaul
5 months agoCelestina
6 months agoAndra
6 months agoAbel
6 months agoMaryann
6 months agoRefugia
6 months agoJoaquin
7 months agoJustine
7 months agoMing
7 months agoRuth
11 months agoGerman
11 months agoJanet
10 months agoAmira
11 months agoGilma
11 months agoHerminia
10 months agoCarin
10 months agoArlean
10 months agoJenelle
10 months agoKizzy
12 months agoMarla
12 months agoMarva
12 months agoMarla
12 months agoHaydee
1 year agoTimothy
11 months agoVicki
11 months agoZena
12 months agoGlennis
12 months agoDelisa
12 months agoPaz
12 months ago