Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 48 discussion

Actual exam question from IAPP's CIPP-E
Question #: 48
Topic #: 1
[All CIPP-E Questions]

When hiring a data processor, which action would a data controller NOT be able to depend upon to avoid liability in the event of a security breach?

  • A. Documenting due diligence steps taken in the pre-contractual stage.
  • B. Conducting a risk assessment to analyze possible outsourcing threats.
  • C. Requiring that the processor directly notifies the appropriate supervisory authority.
  • D. Maintaining evidence that the processor was the best possible market choice available.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by jhjhhhh at July 24, 2023, 11:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
AhamedArshadKhan
3 months, 4 weeks ago
D. Maintaining evidence that the processor was the best possible market choice available. Under the GDPR, while it is important for a data controller to document due diligence, conduct risk assessments, and ensure the processor is contractually obligated to notify the data controller of any breaches, simply proving that the processor was the best choice in the market does not absolve the data controller of responsibility. The data controller must ensure that the processor meets GDPR requirements and has appropriate security measures in place.
upvoted 1 times
...
Ssourav
4 months ago
Selected Answer: C
C. Requiring that the processor directly notifies the appropriate supervisory authority. Under the GDPR, it is the responsibility of the data controller to notify the supervisory authority in the event of a data breach, not the processor. The processor's responsibility is to notify the controller without undue delay after becoming aware of a breach.
upvoted 1 times
...
b399b45
8 months, 4 weeks ago
Selected Answer: C
Also agree that it should be C. the responsibility of notifying the Supervisory authority should be the controller, not the processor.
upvoted 3 times
...
loejee
1 year, 1 month ago
Also agree that it should be C. the responsibility of notifying the Supervisory authority should be the controller, not the processor.
upvoted 1 times
...
jhjhhhh
1 year, 4 months ago
i think it is C
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel