Question 1
Classify the following scenario as major or minor non-conformity
"An India based organization is expanding operations in Europe To deliver its services, it needs to deal with PI of its customers The organization is not fully aware of how the data protection legislations in EU Member States will affect its operations what will be its liabilities and how it needs to address those. The legal learn was given the responsibility to understand the issues and come out with detailed plan. The legal function did not have any m-house expert in privacy or international law The legal team assigned a senior resource on the job This person used the resources available on the internet to understand the legal privacy issues in EU and based on her research recommended the action plan, which was accepted by the management"
"An India based organization is expanding operations in Europe To deliver its services, it needs to deal with PI of its customers The organization is not fully aware of how the data protection legislations in EU Member States will affect its operations what will be its liabilities and how it needs to address those. The legal learn was given the responsibility to understand the issues and come out with detailed plan. The legal function did not have any m-house expert in privacy or international law The legal team assigned a senior resource on the job This person used the resources available on the internet to understand the legal privacy issues in EU and based on her research recommended the action plan, which was accepted by the management"
Question 2
What is a Data Controller?
Question 3
Entities should collect personal information from user that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. This Privacy Principle is called:
Question 4
Which of the following best describes 'Processing'?
Question 5
Which of the following statements is true with respect to organization's privacy training and awareness program?