Roles & Responsibilities Regarding Personal Data Protection Flashcards

1
Q

The natural person described by, identified by, or otherwise related to the data in question.

A

Data Subject

2
Q

Determines the purposes and means for any actions taken involving the use of personal data, either for an employee, customer, or any other person. Is held accountable, ensuring that all actions required by GDPR (or other similar laws, contracts, or compliance regimes) are completed effectively. The person or entity that controls processing of the data.

A

Data Controller

3
Q

Performs the actual tasks necessary to acquire or generate, use, modify, or properly dispose of the data. A natural or legal person, public authority, agency, or other body, which processes personal data solely on behalf of the data controller.

A

Data Processor

4
Q

This role was created in the 2019 update to the GDPR. The GDPR requires that organizations that process data relating to a subject’s genetics, health, racial or ethnic origin, religious beliefs, or other characteristics or preferences must appoint a data protection officer to advise them on all compliance aspects. Also acts as the interface to government supervisory agencies and offices. Under GDPR, this is a MANDATORY appointment within an organization and ensures compliance with data regulations.

A

Data Protection Officer (DPO)

5
Q

Commonly responsible for data content, context and associated business rules within the organization.

A

Data Steward

6
Q

Responsible for the protection of the data while it is in their custody. This means safe custody, transport, storage and processing of the data, and understanding of and compliance with the policies regarding the protection of the data. Usually someone in the IT department. Does not decide what controls are needed, but does implement controls for the data owner.

A

Data Custodian

7
Q

Makes the decisions as to who should be allowed which levels of access to the data. Must also ensure that data quality, integrity, and protection procedures are in place and working correctly. Will take or delegate the controller role. Usually a member of senior management.

A

Data Owner
