Data Management Flashcards

1
Q

Why are diaries important for data management systems?

A

To remind you of trigger dates for lease events such as rent reviews, insurance renewals, inspections, break clauses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are some examples of different data sources you work with?

A
  1. Property schedules from clients.
  2. Comparable evidence from online portals.
  3. Due diligence info - planning portal, land registry, EPC register etc.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are some data security technologies?

A
  • Disk encryption (secure hard-drive)
  • Password protection
  • VPNs
  • Anti-virus software
  • Firewalls
  • 2FA
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are your company’s policies on data security?

A
  • Clear desk policy
  • Lock PC when away from desk
  • Use VPN outside of office
  • Don’t download client files to hard-drive
  • Phishing email training
  • Secure disposal of paperwork
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is ‘copyright’?

A

Exclusive intellectual property rights granted to the author/creator of any original work, including the right to copy.

They can be licensed, assigned or transferred.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is ‘Crown Copyright’?

A

All material created by the Government, such as laws, public records, press releases and OS maps.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What must you do for any copyright duplicated in your work?

A

Acknowledge it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the relevant data protection laws?

A

UK General Data Protection Regulation 2016

Data Protection Act 2018

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe the relevant data protection laws?

A

Following Brexit, the UK created the UK GDPR 2016 and Data Protection Act 2018.

Single regime for businesses regarding individuals’ control over how their data is used by 3rd parties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Key requirements of UK GDPR and Data Protection Act?

A
  • Impact assessments for high-risk data
  • Individuals’ rights to access
  • Data controller - how/why data is processed and GDPR compliance
  • Data breaches reported to Information Commissioner’s Office within 72 hours
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Who polices the UK regulations?

A

Information Commissioner’s Office (ICO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the penalties for breaches of the GDPR / Data Protection Act?

A

Fines - greater of 4% annual turnover or £17.5m

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which article of UK GDPR relates to the storage of personal data?

A

Article 5(1)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Article 5(1) and what does it prescribe?

A

Personal data rights:
PACKS

Processed lawfully & transparently (PLT)

Accurate and up to date

Collected for legitimate purposes

Kept in a form permitting identification for no longer than necessary

Security of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does Article 5(2) of UK GDPR require?

A

Data controller - responsible for compliance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the individual rights under UK GDPR?

A

A - Access
C – Consent
C - Correction
E – Erasure
P – Portability
ACCEP
(Accep your rights)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Any other relevant legislation?

A

Freedom of Information Act 2000

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the Freedom of Information Act 2000?

A

Law giving individuals’ the right of access to public information.

The public body must say whether it holds the information and provide within 20 days with a right to charge for it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Exemptions to FOI Act 2000?

A
  • Contrary to GDPR
  • Would prejudice criminal matter under investigation or commercial interest
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is an NDA?

A

Non-disclosure agreement:

Contract between parties regarding the non-disclosure of confidential market-sensitive information.

21
Q

Any RICS guidance?

A

Proposed RICS Professional Statement on Data Handling and Prevention of Cybercrime

22
Q

What is the proposed RICS Professional Statement on Data Handling and Prevention of Cybercrime

A
  • Best practice and mandatory obligations for firms/members
  • How surveyors capture, store and share data
  • Mandate policies, practices, training
23
Q

what is the definition of personal data?

A

Any information related to an identified or identifiable person

24
Q

what is encryption

A

A means of securing data by encoding it mathematically so it can only be read by those with the correct key or cipher

25
Q

What is firewall?

A

Monitors traffic to / from your network.

Allows / blocks traffic based on a defined set of rules.

26
Q

What is blockchain?

A

A digitally distributed, decentralized, public ledger that exists across a network

27
Q

Tell me about how you extract data from a source regularly used in your role?

A

Comparable evidence from Rightmove Plus

28
Q

How do you validate information?

A

Cross check with another source.

Call to get further information / confirm details.

Adopt a common sense approach.

29
Q

What type of documents can electronic signatures be used for?

A

To replace handwritten signatures in virtually every personal or business process.

30
Q

What are the strengths and limitations of primary/secondary data sources?

A

Primary

Pros:
Specific to the needs
Greater control (type of data, design, method)
More current
May be more accurate

Cons:
Expensive
Time consuming

Secondary

Pros:
Easily accessible
Affordable
Less time consuming

Cons:
May lack reliability
May be outdated
Not always as specific

31
Q

How do you ensure data is kept secure?

A

Keep it safe from: corruption & control access.

I do this by:
- Passwords
- Not leaving computer or files unattended
- Regular back ups
- Encryption and anti-virus software

32
Q

Benefits of cloud based systems?

A
  • Information backed up by encrypted servers.
  • Accessibility can be managed via online settings.
  • Cheaper & more convenient to share files, instead of mailing physical copies.
  • Multiple users can work on the same document at the same time.
33
Q

Who are the key persons outlined within GDPR?

A

Controller – determines the purpose and means of processing personal data e.g. the employer.

Processor – processes personal data on behalf of the controller e.g., call centres acting on behalf of its client.

Data Protection Officer – leadership role - overseeing the data protection strategy and implementation.

34
Q

What should companies put into place to ensure GDPR compliance?

A
  • Raise awareness across the business.
  • Audit personal data.
  • Review procedures supporting individual rights.
  • Identify and document the legal basis for processing personal data under GDPR.
  • Train staff.
35
Q

Define what disclosure means?

A

The sharing of information with others.

Before sharing information you must have the right to disclose it and the person requesting must have the right to receive it.

36
Q

Why is secure data storage important?

A
  • Client confidentiality.
  • Legal compliance.
  • Protection against
    data breaches,
    mitigating data loss,
    financial damage or
    reputational harm.
  • Business continuity.
  • Reputational
    management.
  • Competitive
    advantage - topic
    becoming increasingly
    relevant to clients.
37
Q

How does your company encrypt files?

A

Using Microsoft Azure Information protection, a cloud-based data encryption tool.

Classified as confidential or highly confidential.

38
Q

What are phishing emails?

A

Fraudulent messages that attempt to deceive individuals into revealing sensitive information, such as usernames, passwords, credit card details, or other personal data.

39
Q

How can you spot a phishing email?

A
  • Sender’s email
    address
  • Poor grammar and
    spelling
  • Urgency and threats
  • Requests for personal
    information
  • Suspicious links and
    attachments
  • Unusual requests
  • Links to verify
    information
40
Q

What is an insider’s list?

A

A record to record who has access to inside information, including their names, positions, and contact details. They ensure compliance with insider trading and market abuse regulations.

41
Q

What law could have resulted in fines or prosecution (insider’s list)?

A

Market Abuse Regulation (MAR):

Governs insider trading and unlawful disclosure of inside information.

Sets out requirements for maintaining an insider’s list. Failure to comply can lead to penalties, fines, and potential criminal prosecution.

Enforced by the Financial Conduct Authority (FCA).

42
Q

Why did using the company’s VPN ensure data could not be anonymously downloaded?

A

Because the VPN routed traffic through the company’s IP address, meaning it could be easily monitored and run through the firewall.

43
Q

What are some Excel data-handling features?

A
  • Lookups
  • Text-to-columns
  • Concatenate
  • Pivot tables
  • Trim
44
Q

What is a shared drive?

A

A centralised storage location that allows multiple users on a network to access and share files and folders.

45
Q

What are yield sheets?

A

Documents stating yield ranges for different asset classes at a certain date with a comparison to previous dates and the movements.

46
Q

Why were the yield sheets confidential?

A

Because they contained confidential research information that could be viewed as a competitive advantage.

47
Q

What is a capital markets update?

A

A published communication on the current state of the capital markets, providing data such as financial information, investment levels in different sectors, growth and other statistics.

48
Q

What non-confidential information did you retain in the comps table?

A
  • Key property info/characteristics
  • Number of service users
  • Local authority / town
  • Yield
  • Date
  • Lease structure