CCO Data Privacy and Information Security Compliance

Question 1

What does GDPR stand for and which organizations must comply with it?

Accepted Answer

General Data Protection Regulation; applies to any organization processing personal data of EU residents

Answer

General Data Reporting Regulation; applies only to EU companies

Answer

Global Data Privacy Rules; applies to US multinational companies only

Answer

Government Data Protection Regulation; applies to public sector entities

Question 2

What is 'personal data' under GDPR?

Accepted Answer

Any information relating to an identified or identifiable natural person

Answer

Only social security numbers and financial records

Answer

Business transaction records

Answer

Anonymized statistical data

Question 3

What is the maximum fine for a serious GDPR violation?

Accepted Answer

€20 million or 4% of global annual turnover, whichever is higher

Answer

$1 million

Answer

€1 million or 1% of turnover

Answer

There is no fine for first-time violations

Question 4

What is the California Consumer Privacy Act (CCPA)?

Accepted Answer

California's state privacy law granting consumers rights over their personal data collected by businesses

Answer

A federal US data privacy law

Answer

A regulation governing data centers only

Answer

A credit reporting act specific to California

Question 5

What is a Data Protection Impact Assessment (DPIA)?

Accepted Answer

A structured process to identify and minimize data protection risks in high-risk processing activities

Answer

An annual IT security audit

Answer

A customer survey on data handling preferences

Answer

A financial assessment of data storage costs

Question 6

What is the GDPR requirement for reporting a personal data breach to supervisory authorities?

Accepted Answer

Within 72 hours of becoming aware of the breach, unless it is unlikely to result in risk to individuals

Answer

Within 7 days of discovery

Answer

Within 30 days of discovery

Answer

Only if more than 1,000 individuals are affected