IAPP Exam CIPP-E Topic 5 Question 25 Discussion

Actual exam question for IAPP's CIPP-E exam

Question #: 25
Topic #: 5

To provide evidence of GDPR compliance, a company performs an internal audit. As a result, it finds a data base, password-protected, listing all the social network followers of the client.

Regarding the domain of the controller-processor relationships, how is this situation considered?

ACompliant with the security principle, because the data base is password-protected.

BNon-compliant, because the storage of the data exceeds the tasks contractually authorized by the controller.

CNot applicable, because the data base is password protected, and therefore is not at risk of identifying any data subject.

DCompliant with the storage limitation principle, so long as the internal auditor permanently deletes the data base.

Show Suggested Answer

Suggested Answer: B

by Laurel at May 05, 2022, 06:56 AM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!