Security and Privacy Principles 2.1

Question 1

The process of verifying identity

Answer 1

Authentication

Question 2

The principal that information, systems, and supporting infrastructure are operating and accessible when needed

Answer 2

Availability

Question 3

The assurance that information is not disclosed to unauthorized persons,processes, or devices. Covers data in storage, during processing, and in transit.

Answer 3

Confidentiality

Question 4

The right of an individual to control the use of their personal information.

Answer 4

Privacy

Question 5

The process approving access

Answer 5

Authorization

Question 6

The process of assuring the validity and origin of data

Answer 6

Non-repudiation

Question 7

The process of tracing action to the source

Answer 7

Accounting

Question 8

The principal that systems are trustworthy, and works as intended, and the data is complete and accurate

Answer 8

Integrity

Question 9

Collection of personal data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject

Answer 9

OECD privacy principles
Collection limitation

Question 10

Personal data should be relevant to the purpose collected and should be accurate, complete, and kept up-to-date.

Answer 10

OECD privacy principles
Data quality

Question 11

The purpose for which personal data is collected should be specified not later than at the time of data collection

Answer 11

OECD privacy principles
Purpose specification

Question 12

Personal data should not be disclosed or otherwise used for the purposes other than specified except with the consent of the data subject; or by the authority if law

Answer 12

OECD privacy principles
Use limitation