Expert - PIA/DPIA Automation

Which of the following is NOT an advantage of the Self-Service workflow? Ability to respond to the incidents immediately Promotes Privacy by Design philosophy Allows for more centralised control Allows for teams to be self-sufficient

Ability to respond to the incidents immediately

Which of the following is required under GDPR in certain scenarios? Data Protection Impact Assessments Questionnaires Risk Repositories All of the Above None of the Above

All

A user wants to create a very well-designed, simple and user friendly export of a particular DPIA that was completed this month. Which report would best serve this purpose? Assessment Custom Report Assessment Dashboard Export Assessment PDF Report Assessment Column Report

Assessment Dashboard Export

What reporting area is best used for overviews and statuses of assessments undergoing approval? Dashboards Assessment PDF Assessment Custom Reports Assessment Summary Reports

Assessment PDF

The privacy team wants the ability to show a completed assessment as "approved with conditions." Where would they go to set up this configuration? Workflow and Routing Assessment Results Automation Rules

Assessment Results

What options can be added to the Assessment PDF Page? Select all that apply. Custom Header Image Assessment Attachments A free text box for custom text or summaries Assessment Questions with Comments and Risks Any connected/threshold assessments

Custom Header Image A free text box for custom text or summaries Assessment Questions with Comments and Risks Any connected/threshold assessments

TRUE/FALSE: If an assessment has multiple approvers, you can NOT bypass other approvers if you are a site admin.

F

True/False: A template can utilize both Show Logic and Skip Logic.

F

True/False: Assessment reports created will dynamically update with any new template questions added since the report's creation?

F

True/False: Assessments are a requirement to comply with the California Consumer Privacy Act (CCPA)?

F

True/False: The LGPD requires DPIAs to be completed at all times.

F

True/False: When assigning an assessment to multiple respondents, approvers cannot hide certain sections from particular respondents.

F

When a using the "Send Back" button, to what state will the assessment rollback? Under Review In Progress Not Started

In Progress

What items are customizable in the Risk Matrix settings? Choose all that apply. Matrix Dimensions (e.g., 4 x 4) Column/Row Headings Risk Square Values (Numeric Values) The color of the risk matrix

Matrix Dimensions (e.g., 4 x 4) Column/Row Headings Risk Square Values (Numeric Values)

What concept refers to configuring your products or services to only hold and process the minimal amount of data required at the beginning of use or user sign-up? Privacy by Default Privacy by Design Data Protection Planning Data Minimization

Privacy by Default

What concept refers to the principle of incorporating minimal data processing and data subject rights from the initial planning and inception of product/service lines? Privacy by Default Privacy by Design Data Protection Planning Data Minimization

Privacy by Design

SELECT ALL CORRECT CHOICES: Risk Owners are able to perform which of the following? Request Exception Delete Risk Reject Risk Propose Remediation

Request Exception Reject Risk

An assessment has 3 high risks, 2 medium risks, and 1 low risk, but the overall assessment risk score is "Very High." What type of Assessment risk aggregation methodology did they more than likely use? Risk Count Highest Sum Average

Risk Count

SELECT ALL CORRECT CHOICES: What kind(s) of rules can be applied to a questionnaire template? Reject Vendor Risk Flagging Send follow-up Assessment Assign workflow upon submission Add Approvers

Risk Flagging Send follow-up Assessment Assign workflow upon submission Add Approvers

An approver wants to automatically have a respondent answer additional questions should certain answers indicate high risk. What are the best ways to accomplish this within OneTrust? Select all that apply. Risk Flags Template Rules to Trigger Follow-Up Assessment Show Logic to reveal questions Manually send an additional assessment

Risk Flags Template Rules to Trigger Follow-Up Assessment Show Logic to reveal questions

What fields can be added when pre-flagging a risk on the template? Select all that apply. Risk Level Risk Category Risk Controls Risk Owner

Risk Level Risk Category Risk Controls

When the Approver accepts the Exception Requested by a Risk Owner, the risk result becomes: Risk Retained Risk Reduced Whatever the approver chooses as the result

Risk Reduced

What type of logic would be best for this scenario? Based on certain answers from Section 1 and Section 3 of an assessment, the client will determine whether the assessment has high risks. If the assessment answers indicate high risk, they want to dynamically provide a section at the end to include questions related to a DPIA. Which logic would allow for the client to build an assessment template to support this behavior? Skip Logic Show Logic Threshold Logic

Show Logic

When building an assessment dashboard, which report allows for 2 levels of grouping? Stacked Bar Chart Bar Chart Line Graph Pie Chart

Stacked Bar Chart

SELECT ALL CORRECT CHOICES: According to the GDPR, a DPIA shall contain which of the following with respect to the processing activities being assessed? Systematic Description Assessment of the necessity and proportionality Assessment of risk Measures envisaged to address risks

Systematic Description Assessment of the necessity and proportionality Assessment of risk Measures envisaged to address risks

TRUE OR FALSE: Info requests can be compiled and sent to the respondent in bulk?

T

TRUE OR FALSE: Manually flagging a risk will automatically send a notification to the respondent?

T

TRUE OR FALSE: When more info has been requested on a question, by default the respondent will be able to come back to the assessment and change his/her answer.

T

TRUE/FALSE: Admins can manually switch between approval workflows?

T

TRUE/FALSE: You can assign approvers to stages when launching an assessment from the Launch Assessments screen.

T

True/False: Users can disable multiple information requests and allow them to send in a single email.

T

What's the best example of when you would want to utilize section assignment within assessments? Two members of the privacy team need equal access to complete an assessment. The OneTrust site admin needs access to provide answers to a respondent's assessment The IT team needs to only answer technical questions on a privacy assessment.

The IT team needs to only answer technical questions on a privacy assessment.

When building approval workflows, which stage of the workflow are able to allow for multiple approvers? Not Started In Progress Under Review Complete

Under Review

An assessment approver wants to re-open an assessment to additional responses but doesn't want all questions to be available to be re-answered or want to barrage the respondent with emails. What is the best course of action? Click "Send Back" to send the assessment back to In Progress Copy the assessment, re-send a new one, and mark the current as "rejected." Add comments to relevant questions that need changed responses. Use Bulk Info Request functionality to flag questions as Needs More Information.

Use Bulk Info Request functionality to flag questions as Needs More Information.

A user wants to copy an old inventory assessment but wants to ensure that it includes any changes brought down from their CMDB database. How would they best ensure that these changes are included in the new assessment? Use the Latest Template Version setting Copy All Responses/Comments Use Latest Inventory Values setting Link Risks to the Assessment

Use the Latest Template Version setting

Which are NOT options available to help calculate an assessment's overall risk score based on individual risks? Select all that apply. Highest Sum Risk Count Average User Configured on an Assessment basis

User Configured on an Assessment basis

What's the best example of why someone would want to "Allow Import Assessment Responses from Excel?" Select all that may apply. Bulk import of paper responses Vendor refuses to complete questionnaire via OneTrust Connectivity issues prevent user from accessing the web for a period of time Mass migration from previous privacy tool

Vendor refuses to complete questionnaire via OneTrust Connectivity issues prevent user from accessing the web for a period of time Mass migration from previous privacy tool

SELECT ALL CORRECT CHOICES: Which of the following are ways in which a risk can be flagged? Via Rules logic in the template By the respondent By the Approver By a Site Admin in the tool

Via Rules logic in the template By the Approver By a Site Admin in the tool

SELECT ALL CORRECT CHOICES: Risks status can be viewed from which of the following locations in the tool? The Assessments page Within the risk pane in an Assessment The Risk Register The template the Assessment was launched from

Within the risk pane in an Assessment The Risk Register

"Show" logic can only be applied to which types of questions? All Attribute Type Questions ✅Multi-choice Free Text ✅Single-Select

✅Multi-choice ✅Single-Select