Advancement through Cyber Resilience

-
EN
Control Panel
Business Context
Forte Resilience
Executive Dashboard
Contact

Data Privacy

Which statement better describes the Collection Principle of the current Privacy Program?
  • Document and describe types of information collected and methods of collection

  • Collection of information by fair and lawful means, including collection from third parties

  • Inform individuals if information is developed or additional information is acquired

Which statement better describes the Use, Retention and Disposal Principle of the current Privacy Program?
Which statement better describes the Access Principle of the current Privacy Program?
  • Confirmation of an individual’s identity before access is given to personal information

  • Personal information presented in an understandable format

  • Access provided in a reasonable time frame and at a reasonable cost

  • Statement of disagreement; the reason for denial should be explained to individuals in writing

Which statement better describes the Disclosure to Third Parties Principle of the current Privacy Program?
  • communication with third parties should be made known to the individual

  • information should only be disclosed to third parties that have equivalent agreements to protect personal information

  • individuals should be aware of any new uses/purposes for the information

  • the organisation should take remedial action in response to misuse of personal information by a third party

Page 2/3

Data privacy

Which statement better describes the Management Principle of the current Privacy Program?
  • Management

  • Notice

  • Choice and consent

  • Collection

  • Use, retention and disposal

  • Access

  • Disclosure to third parties

  • Security for privacy

  • Quality

  • Monitoring and enforcement

  • A Privacy Policy that covers all ten essential principles of Privacy and is in alignment with applicable privacy laws

  • Review and approval of changes to the Privacy Policy conducted by management

  • Risk assessment process to establish a risk baseline and regularly identify new or changing risks to personal data

  • Infrastructure and systems management take into consideration impacts on personal privacy

  • Privacy awareness training

Which statement better describes the Notice Principle of the current Privacy Program?
  • Communication to individuals

  • Provision of notice

  • Use of clear and conspicuous language

Which statement better describes the Choice and Consent Principle of the current Privacy Program?
  • Communicating the consequences of denying/withdrawing consent

  • Consent for new purposes/uses of the personal data

  • Explicit consent for sensitive data

  • Consent for online data transfer

Page 1/3

Data Privacy

Which statement better describes the Security for Privacy Principle of the current Privacy Program?
  • Privacy policies must address the security of personal information

  • Information Security programs must include administrative, technical and physical safeguards

  • Logical access controls in place

  • Restrictions on physical access

  • Environmental safeguards

  • Personal information protected when being transmitted (e.g., mail, internet, public or other non-secure networks)

  • Data breach response capability can detect, respond and communicate a breach of personal information in a timely manner

  • Security safeguards should be tested for effectiveness at least once annually

Which statement better describes the Quality Principle of the current Privacy Program?
Which statement better describes the Monitoring and Enforcement Principle of the current Privacy Program?
  • Individuals should be informed on how to contact the organisation with inquiries, complaints and disputes

  • Formal process in place for inquires, complaints or disputes

  • Each complaint is addressed and the resolution is documented for the individual

  • Compliance with privacy policies, procedures, commitments and legislation is reviewed, documented and reported to management

Page 3/3

-
EN