exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam

Exam CIPP-E topic 1 question 121 discussion

Actual exam question from IAPP's CIPP-E
Question #: 121
Topic #: 1
[All CIPP-E Questions]

Under Article 30 of the GDPR, controllers are required to keep records of all of the following EXCEPT?

  • A. Incidents of personal data breaches, whether disclosed or not.
  • B. Data inventory or data mapping exercises that have been conducted.
  • C. Categories of recipients to whom the personal data have been disclosed.
  • D. Retention periods for erasure and deletion of categories of personal data.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
72d0a83
3 weeks, 1 day ago
Selected Answer: A
Article 30 of the GDPR does not specifically require controllers to keep records of personal data breaches
upvoted 1 times
...
a4007d1
2 months ago
The correct answer is: **B. Data inventory or data mapping exercises that have been conducted.** Explanation: Under **Article 30 of the GDPR**, controllers are required to maintain records of processing activities, which include: - **A.** Records of personal data breaches are not explicitly required under Article 30, but breaches must be reported and documented under **Article 33**. - **C.** Categories of recipients to whom personal data have been disclosed. - **D.** Retention periods for the erasure and deletion of categories of personal data. However, **data inventory or data mapping exercises** are not part of the explicit record-keeping obligations under Article 30, even though these exercises can help an organization understand its data flows and processing activities.
upvoted 1 times
...
Ssourav
4 months, 3 weeks ago
Selected Answer: A
A. Incidents of personal data breaches, whether disclosed or not. Explanation: A. Incidents of personal data breaches, whether disclosed or not: Article 30 of the GDPR does not specifically require controllers to keep records of personal data breaches. However, Article 33 of the GDPR requires controllers to document any personal data breaches, including their effects and remedial actions taken, but this is separate from the record-keeping requirements of Article 30.
upvoted 1 times
...
AhamedArshadKhan
5 months ago
**B. Data inventory or data mapping exercises that have been conducted.** Under Article 30 of the GDPR, controllers are required to maintain records of processing activities that include information such as the purposes of processing, categories of data subjects, categories of personal data, categories of recipients, and retention periods. While data inventory or mapping exercises are useful for understanding processing activities, they are not specifically required to be recorded under Article 30.
upvoted 2 times
...
zero46
1 year ago
Selected Answer: A
Not in ROPA
upvoted 1 times
...
Claire0911
1 year, 2 months ago
The correct answer is A. Art. 30 is about ROPA, while documenting data breach is in Art. 33 under security of personal data.
upvoted 2 times
...
Egofskam
1 year, 4 months ago
Correct answer is A - reporting requirements are addressed in Article 33, not 30 which deals with records of processing
upvoted 1 times
...
mlgrjc
1 year, 9 months ago
The correct answer is B
upvoted 2 times
58ad832
7 months, 3 weeks ago
The answer is A. B is incorrect because data mapping is an organizational security measure which falls under Article 30 (1) g. description of the organizational security measures.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago