Compliance and Auditing Regulatory Frameworks 3

Question 1

Which standard is the international benchmark for information security management systems (ISMS)?

Accepted Answer

ISO/IEC 27001

Answer

SOC 2

Answer

NIST SP 800-53

Answer

PCI DSS

Question 2

What does the term 'safe harbor' mean in the context of US data compliance?

Accepted Answer

A legal exemption from liability under certain conditions

Answer

A cybersecurity tool

Answer

A data backup strategy

Answer

An audit methodology

Question 3

Which act established the Public Company Accounting Oversight Board (PCAOB)?

Accepted Answer

Sarbanes-Oxley Act

Answer

Dodd-Frank Act

Answer

Gramm-Leach-Bliley Act

Answer

Securities Act of 1933

Question 4

Under HIPAA, a Business Associate Agreement (BAA) is required when a covered entity shares PHI with which type of party?

Accepted Answer

Third-party vendors handling PHI

Answer

Government regulators

Answer

Other covered entities only

Answer

Insurance companies

Question 5

The Dodd-Frank Wall Street Reform and Consumer Protection Act created which regulatory agency?

Accepted Answer

Consumer Financial Protection Bureau (CFPB)

Answer

FDIC

Answer

SEC

Answer

Office of the Comptroller of the Currency

Question 6

Which compliance framework uses the Trust Services Criteria for evaluating service organization controls?

Accepted Answer

SOC 2

Answer

ISO 27001

Answer

NIST CSF

Answer

COBIT