CH 2 Managing Data Flashcards
Under the General Data Protection Regulation (GDPR), a data controller’s role is to
Define how and for what purpose personal data should be processed.
The GDPR specifically defines the tasks of the data controller, a mark of the importance the European Union places on the personal privacy of its citizens.
Internal data entry processes that capture accounting transactions, customer data or other operational transactions are called
Data capture.
Data capture, including data preparation, is a business’ day-to-day transactions.
Which one of the following is a data governance committee (DGC) responsibility?
A data governance committee ensures there are few conflicts or redundancies in data standards and practices.
In terms of data governance, IT employees hold the role of
Data custodians.
IT employees, including architects, are charged with managing the flow of data for an organization. This contrasts with the role of a data steward, who develops business rules based on the data model IT employees develop.
The data quality principle of reasonability refers to
The materiality or relevance of data.
Reasonability refers to both materiality and relevance of data, testing whether the information provided is pertinent to the business objective at hand.
Which one of the following is true regarding data quality?
Data quality is a relative, not an absolute, concept.
To gain a competitive advantage, maintain profitability, and satisfy customers an organization must
Be able to trust its data.
An organization must be able to trust its data in order to act on it in ways that are consistent with its holistic risk management strategy.
Which one of the following statements is correct regarding the personal data and privacy positions of the European Union (EU) and the U.S.?
The EU has one all-encompassing data protection framework and the U.S. has several more targeted privacy laws.
The EU has a stronger cultural expectation of privacy than the U.S.
Which one of the following is a basic process in any data security program?
Develop and enforce stronger password protocols.
Developing and enforcing stronger password protocols is a critical first step in protecting a business’ data from unwanted intrusions.
The lifeblood of every organizational function is
Data.
The first sentence of this section states the importance data carries for every organizational function and risk management decision.
There are two types of associated risk for data privacy, individual and general risk. General data privacy risk
Can be categorized as operational or reputational.
A general data privacy risk is considered less specific than an individual risk. General data privacy risks concern a loss of reputation or safeguarding trade secrets.
Which one of the following functions of a data management program would allow accounting transactions to automatically update an organization’s financial statements?
Data integration.
Data integration is a function of a data management program that would allow accounting transactions to automatically update an organization’s financial statements.
A privacy impact assessment (PIA) is
A tool used to identify and assess privacy risks.
A privacy impact assessment (PIA) can identify and assess privacy risks as well as identify whether information collected complies with legal and regulatory privacy requirements.
In terms of data quality principles, validity is defined as
The accuracy of data within predefined and accepted parameters or values.
Validity is defined as the accuracy of data within predefined and accepted parameters or values. Accuracy measures the true value of data relative to the business information being analyzed.
Which one of the following is an example of a data governance tool?
External Policy.
Data governance is more than just physical tools or software applications. A data governance committee also uses internal policies, external policies, enterprise data models and collaborative tools such as agile project management to achieve its aims.
Sound risk management decisions are predicated on
Quality data.
Quality data is critical to making sound risk management decisions. For example, up-to-date financial data may influence whether an organization decides to expand its product offerings.
Which one of the following is an element of a data security program?
Storing data back-ups off site.
While working with data is critical to business success, securing that data is just as important. One element of protecting data is storing back-ups of key databases off site.
Which one of the following defines individual risk?
Individual risk varies according to the type of business.
Malware is defined as
Software designed to cause damage.
Malware is any software that is designed specifically to cause harm or damage to a computer, server, or network.
Wycliffe Insurance is very concerned about data quality and has many safeguards in place to ensure the data it collects and stores is managed appropriately. New claims data is entered with the date of its arrival to the department. Then the claims representative’s activities are also entered with the date and time whenever the file is updated. The organization has chosen this data formatting to reflect the required degree of accuracy that has proven many times to be beneficial when the data is used in settlement negotiations or arbitration hearings. The dimension of stored data quality used in this case by Wycliffe is
Precision.
The dimension of stored data quality used in this case is precision.
Data governance provides
Definitions, standards and procedures for how data is used.
Data governance is the starting point, or rule set for managing data.