Data Protection Awareness Quiz Survey

Question Title

* 4. Who determines the purpose and means of processing?

Processor

Controller

Data Protection Officer

ICO

Question Title

* 5. Collection, recording, organising, structuring, storage, adaptation and alternation, are examples of which of the following:

Security Measures

Automation

Processing

Data

Question Title

* 6. Which of the following are types of Special Category Data?

Financial data

Race or ethnic origin

Political opinion

Religious or philosophical beliefs

Name, Address and DOB

Trade union membership

Genetic data

Biometric data

Physical or mental health data

Sexual life and/or sexual orientation

Question Title

* 7. Demonstrating compliance, and your decision making process. Defines which GDPR Principle?

Lawfulness, fairness and transparency

Purpose Limitation

Storage Limitation

Accountability

Question Title

* 8. The right of access, is an example of which of the following?

Right to be informed

Individual Data Subjects Rights

DSARs

GDPR Principle

Question Title

* 9. DSAR is an acronym for...

Data Specific Allocation Request

Data Subject Access Request

Data Subject Accuracy Request

Data Sharing Agreement Request

Question Title

* 10. On receipt of a DSAR. How many days do you have to respond to the request?

30 days

4 weeks

One month

One year

Question Title

* 11. Name, identification numbers, cookies and IP addresses are examples of...

Special Category Data

PPI

Personal Data/Personal Identifiers

Pseudonymised Data

Question Title

* 12. When considering data breaches, which commonly used acronym could be used to identify the type of data breach?

FBI

CIA

PPI

DPA

Question Title

* 13. The CIA acronym stands for: Confidentiality, Integrity, and Access.

True

False

Question Title

* 14. When experiencing a high risk data breach, the supervisory authority requires notification within what time period of becoming aware of the breach?

24 hours

One week

72 hours

48 hours

Question Title

* 15. How many GDPR Principles are there?

Question Title

* 16. Accountability is the ___ principle.

7th

1st

3rd

5th

Question Title

* 17. Which of the following could be accountability tools?

DPIA

Policies and procedures

ROPA

Breach reports

Question Title

* 18. DPIA stands for...

Data Protection Impact Assessment

Data Processor Investigation Assessment

Data Protection Internal Audit

Data Protection Illegal Activity

Question Title

* 19. When should you action a DPIA?

When you are ready to implement the new process.

As early as possible.

After you have implemented a new process.

Only when your DPO asks for one.

Question Title

* 20. The 5 steps of the risk based cycle are:

Identify, Assess, Score, Mitigate, Close

Identify, Score, Assess, Monitor, Check

Identify, Assess, Score, Remediation, Monitor

Identify, Assess, Act, Close, File

Question Title

* 21. Article 30 refers to which accountability tool?

Policies and processes

Privacy Notices

ROPA

Staff training

Question Title

* 22. In which document would you find information about; purpose of processing, retention schedules, categories of recipients of personal data, name and contact details of your organisation?

DPIA

Breach Policy

SAR log

ROPA

Question Title

* 23. Which GDPR requirement is best defined by 'embedding data protection principles into your day to day business'?

Technical and organisation security measures

Staff training framework

Appointment of a DPO

Data protection by design

Question Title

* 24. You have been asked to share a customer data base with a third party. Which of the following should you consider?

What are the risks to the data subject?

Is the third party the police?

Is the sharing lawful, justified, and necessary and proportionate?

Do you have a Data Sharing Agreement in place?

Question Title

* 25. A Tier 1 penalty notice is to what value?

40 Million or 4% annual turnover

20 Million or 4% annual turnover

30 Million or 2% of annual turnover

10 Million or 2% annual turnover

Question Title

* 26. Data Subject Access Request should be submitted in which format?

Electronic

Post

Via the DPO

It does not matter, they can be in any format.

Question Title

* 27. When did the GDPR become enforceable?

25th May 2016

1st January 2018

25th May 2018

1st January 2021

Question Title

* 28. Data Protection is who's responsibility?

DPO

CEO

Everyones

Line Managers

Question Title

* 29. Now the quiz has finished, would you like to hear more from DPAS about future quizzes, data protection newsletters, offers and more?

Yes

Data Protection Awareness Quiz

Question Title

* 1. Full Name

Question Title

* 2. Organisation

Question Title

* 3. Email Address

Question Title

* 4. Who determines the purpose and means of processing?

Question Title

* 5. Collection, recording, organising, structuring, storage, adaptation and alternation, are examples of which of the following:

Question Title

* 6. Which of the following are types of Special Category Data?

Question Title

* 7. Demonstrating compliance, and your decision making process. Defines which GDPR Principle?

Question Title

* 8. The right of access, is an example of which of the following?

Question Title

* 9. DSAR is an acronym for...

Question Title

* 10. On receipt of a DSAR. How many days do you have to respond to the request?

Question Title

* 11. Name, identification numbers, cookies and IP addresses are examples of...

Question Title

* 12. When considering data breaches, which commonly used acronym could be used to identify the type of data breach?

Question Title

* 13. The CIA acronym stands for: Confidentiality, Integrity, and Access.

Question Title

* 14. When experiencing a high risk data breach, the supervisory authority requires notification within what time period of becoming aware of the breach?

Question Title

* 15. How many GDPR Principles are there?

Question Title

* 16. Accountability is the ___ principle.

Question Title

* 17. Which of the following could be accountability tools?

Question Title

* 18. DPIA stands for...

Question Title

* 19. When should you action a DPIA?

Question Title

* 20. The 5 steps of the risk based cycle are:

Question Title

* 21. Article 30 refers to which accountability tool?

Question Title

* 22. In which document would you find information about; purpose of processing, retention schedules, categories of recipients of personal data, name and contact details of your organisation?

Question Title

* 23. Which GDPR requirement is best defined by 'embedding data protection principles into your day to day business'?

Question Title

* 24. You have been asked to share a customer data base with a third party. Which of the following should you consider?

Question Title

* 25. A Tier 1 penalty notice is to what value?

Question Title

* 26. Data Subject Access Request should be submitted in which format?

Question Title

* 27. When did the GDPR become enforceable?

Question Title

* 28. Data Protection is who's responsibility?

Question Title

* 29. Now the quiz has finished, would you like to hear more from DPAS about future quizzes, data protection newsletters, offers and more?