Information Management

Question 1

Operational Risks

Answer 1

Affects Efficiency

Ensure the privacy policy does not unnecessarily inhibit organizational needs and goals

May be a driver in privacy policy reform

Question 2

Investment Risks

Answer 2

Hampering the ability of the organization to receive an appropriate return on its investments in information, IT
and information processing programs

Question 3

Privacy Policy Steps

Answer 3

Discover
Build
Communicate
Evolve

Question 4

Discover

Answer 4

Goals
Inventory
Classification
Risks
Data Flows
Data Sharing
Data Transfer
Accountability
Best Practices

Question 5

Build

Answer 5

Privacy Policies

Privacy Notices

Question 6

Communicate

Answer 6

Documentation
Training
Communication
Accountability

Question 7

Evolve

Answer 7

Monitor
Revise
Adapt

Question 8

double opt-in

Answer 8

requires the data subject to confirm their choice via a response to a follow-up email

Question 9

Information the consumer should expect to be shared with third parties or used in other ways (e.g., third-party shipping, fraud prevention, first-party marketing)

Answer 9

No option

Question 10

Data Retention Policy Advantages

Answer 10

Reduce risk of breach
Save money on storage limits
regulatory

Question 11

Vendor Due Diligence

Answer 11

Reputation
prior security incidents
financial condition
security controls
point of transfer
Disposal information
employee training/awareness
Vender Incident Response
Audit rights
third party security certifications