Exin Exam PDPF Topic 5 Question 60 Discussion

Actual exam question for Exin's PDPF exam

Question #: 60
Topic #: 5

What is the purpose of a data protection audit by the supervisory authority?

ATo monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR.

BTo fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection.

CTo advise the controller on the mitigation of privacy risks to protect the controller from liability claims for
non-compliance.

Show Suggested Answer

Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))

by Glennis at May 07, 2024, 10:20 AM

Limited Time Offer

25%

6 months ago

What do you think about the question on the data protection audit?

upvoted 0 times

...