New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

DSCI Exam DCPLA Topic 1 Question 43 Discussion

Actual exam question for DSCI's DCPLA exam
Question #: 43
Topic #: 1
[All DCPLA Questions]

Classify the following scenario as major or minor non-conformity.

''The organization has a very mature information security policy. Lately, the organization has realized the need to focus on protection of PI. A formal PI identification exercise was done for this purpose and a mapping of PI and security controls was done. The organization has also put in place data masking technology in certain functions where the SPI was accessed by employees of a third party. However, the organization is yet to include PI specifically in its risk assessment exercise, incident management, testing, data classification and security architecture programs.''

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Maryln
2 months ago
I'm with Glendora on this one. Protecting PI should be a top priority, and not having it properly integrated into their security programs is a major issue. Time to step it up!
upvoted 0 times
...
Lynelle
2 months ago
Hmm, I'm going to go with 'Both Major & Minor' on this one. The organization has made some good progress, but still has work to do to fully integrate PI protection into their security practices.
upvoted 0 times
...
Glendora
2 months ago
I disagree. This seems like a major non-conformity to me. Failing to include PI in risk assessment, incident management, and other core security functions is a significant gap that needs to be addressed.
upvoted 0 times
Alishia
27 days ago
User 4: A) Major
upvoted 0 times
...
Mirta
1 months ago
User 3: C) Both Major & Minor
upvoted 0 times
...
Natalie
1 months ago
User 2: B) Minor
upvoted 0 times
...
Elly
2 months ago
A) Major
upvoted 0 times
...
...
Desmond
2 months ago
Agreed, this is a tough one. I can see both sides, but I think the fact that they've at least started the process with data masking and PI identification pushes it more towards 'Minor' in my book. Baby steps, people!
upvoted 0 times
...
Remona
2 months ago
Are we sure this isn't a trick question? It's almost too easy. Where's the catch?
upvoted 0 times
Marylou
1 months ago
B) Minor
upvoted 0 times
...
Lanie
1 months ago
It seems pretty straightforward to me.
upvoted 0 times
...
Nieves
1 months ago
A) Major
upvoted 0 times
...
...
Pearline
2 months ago
I see your point, but maybe it could also be considered a minor non-conformity since they have taken steps to protect PI in certain areas.
upvoted 0 times
...
Britt
3 months ago
I'm going with B. They've already made some good progress, even if they haven't finished the job yet.
upvoted 0 times
Danilo
1 months ago
User1: True, they're on the right track though.
upvoted 0 times
...
Theola
1 months ago
User3: I agree, but they still need to include PI in other areas like risk assessment and incident management.
upvoted 0 times
...
Francoise
2 months ago
Yeah, they've made some progress with the data masking technology.
upvoted 0 times
...
Edward
2 months ago
C) Both Major & Minor
upvoted 0 times
...
Latricia
2 months ago
I think it's a minor non-conformity.
upvoted 0 times
...
Theodora
2 months ago
B) Minor
upvoted 0 times
...
Darrel
2 months ago
A) Major
upvoted 0 times
...
...
Sean
3 months ago
I agree with Elly. Not including PI in risk assessment and incident management is a big risk for the organization.
upvoted 0 times
...
Carissa
3 months ago
I think this is a major non-conformity. The organization has a lot of work to do to properly protect PI.
upvoted 0 times
...
Rosendo
3 months ago
Hmm, this seems like a tricky one. I'm leaning towards C, but I'm not totally sure.
upvoted 0 times
Jody
2 months ago
It's definitely a mix of major and minor non-conformity.
upvoted 0 times
...
Trina
2 months ago
Maybe they should prioritize including PI in their risk assessment.
upvoted 0 times
...
Donte
2 months ago
I agree, it seems like there are important aspects missing.
upvoted 0 times
...
Irma
2 months ago
I think it could be both major and minor.
upvoted 0 times
...
...
Elly
3 months ago
I think it's a major non-conformity because PI should be included in all aspects of information security.
upvoted 0 times
...

Save Cancel