CDPO Q10 – AllNet Law

This multiple choice assessment focuses on the General Data Protection Regulation (GDPR).

The purpose of the assessment is to enable you to assess the extent and depth of your knowledge of the Data Protection Law.

Format: Multiple Choice

The result will be provided immediately, with details on all questions.

Full Name

Email

1. In order to comply with the GDPR, organizations should fulfill some mandatory requirements on how to document processes and data protection controls.

There is no mandatory requirement on how to document processes and data protection controls. This can be done by using diagrams, textual description, spreadsheets, etc.

A. True

B. False

2. What is the task of DPO in documentation management?

Among others, the DPO is responsible for creating and maintaining documented information of daily tasks. This enables the DPO to demonstrate their commitment to data protection by being capable of analyzing the available evidence in a timely and constructive manner.

A. Develop a guideline for the control of the documented information when requested by an executive

B. Develop a form for the control of the documented information to comply with respective regulations

C. Create and maintain documented information of their daily tasks

3. Which of the following statements is incorrect?

The preparation of documentation is regarded as a value-adding activity to the overall performance of the DPO, rather than a priority. Maintaining documentation helps in detecting the gaps in personal data processing activities and demonstrates compliance to the GDPR.

A. Maintaining documentation is helpful for identifying gaps in personal data processing activities

B. The preparation of documents should be a priority for the DPO

C. Work documents prepared by the DPO serve as evidence of compliance with the GDPR

4. Work documents are used to show compliance. How should work documents be?

Work documents should include facts whether the controller is compliant with the GDPR or not, and, at the same time, provide clear information that enables the evaluation of the evidence collected.

Identify the MOST appropriate lawful basis for processing:

A. Factual

B. Generalized

C. Ambiguous or incomprehensible

5. Which document type below describes actions plans to improve the organization’s processes to comply with the GDPR?

Strategic documents, together with records, checklists, etc., are a type of document that the DPO can create and maintain while completing their daily tasks. Strategic documents describe the action plan with the DPO’s advice to further improve the organization’s processes to comply with the GDPR

A. Record

B. Strategic document

C. Checklist

6. Highly voluminous documentation is necessary for the controller to demonstrate GDPR compliance.

A. True

B. False