Skip to content
HOME
ABOUT
SERVICES
COMPLIANCE SOLUTIONS
CREDIT RATING
DATA PROTECTION COMPLIANCE
ADDRESS VERIFICATION
ENHANCED DUE DILIGENCE
BACKGROUND CHECKS
DEBT RECOVERY
BUSINESS INFORMATION SERVICES
UPDATES
CONTACT
Data Protection & Privacy Compliance Test
Data Protection & Privacy Compliance Test
Ronalds Esealuka
2020-07-07T14:57:00+01:00
Welcome to your Data Protection & Privacy Compliance Test
This Test will run for
20 minutes.
Name
Email
Organisation
Acting in line with the LETTER and the SPIRIT of laid down rules, regulations, guidelines, standards, laws and codes, conventions; either internal or external is referred to as ______
a. Audit
b. Control
c. Compliance
d. Policy
Below are Suspects/culprits involved in Data Protection except:
a. Marketers
b. Employees
c. Facilitators
d. Directors
Some of the rights of data subjects include the following except:
a. Arrest and prosecution
b. Restriction of processing
c. Data portability
d. Objection to Automated decision-making and Profiling
The two types of data we have are?
(a) Manual and hard
(b) Electronic and soft
(c) Manual and electronic
(d) Manual and visual
Upon reporting a breach to
NITDA
by a data subject, Director General may direct action to be taken which may include the following except:
a. Contact the Organisation for enquiry; Review of earlier filed annual report (if any);
b. Data Protection Regulation Compliance Query, Administrative Action, and Prosecution
c. A & B above
d. None of the above
When was the Nigeria Data Protection Regulation (NDPR) issued?
a. 22nd December, 2019
b. 23rd January, 2020
c. 25th February, 2019
d. 25th January, 2019
A specific, deliberate monitoring carried out to identify breaches with the
NDPR
is referred to as_____
a. Monitoring process
b. Surveillance
c. Identification Procedure
d. Detective Framework
The protection of data under the NDPR applies to
(a) the processing of personal data by automated means alone
(b) the processing of personal data by manual means alone
(c) the processing of personal data by automated means as well as to manual processing
(d) None of the above
Data Controllers and Administrators have a duty to report to
NITDA
within __ hours of their knowledge of the breach
a. 24
b. 48
c. 72
d. 96
Which of these is not a factor to look at when considering physical security?
(a) how you control access to your premises, and how visitors are supervised
(b) how you keep IT equipment, particularly mobile devices are secure
(c) how to engage security men in searching for stolen items
(d) the quality of doors and locks, and the protection of your premises by such means as alarms or CCTV
___________ and ____________ are specified in the NDPR as two examples of measures that may be appropriate for you to implement in the control and mitigation of data breach.
(a) Encryption, Corruption
(b) Pseudonymization, Encryption
(c) Control, Mitigation
(d) Pseudonymization, Implementation
Technical measures are sometimes thought of as the protection of personal data held in ______________________
(a) our head
(b) computers and networks
(c) phones and flash drives
(d) office cabinet
_________is fundamentally linked to fairness. Its processing is about being clear, open and honest with people from the start about who you are, how and why you use their personal data.
a. Opening up
b. Data display
c. Transparency
d. Audit/sharing information with regulators
While filing complaints with NITDA, such complaints must meet the following requirements except:
i. must be filed in writing, either on paper or electronically.
ii. must name the person that is the subject of the complaint and describe the acts or omissions believed to be in violation of the applicable provision(s)
iii. NITDA may prescribe additional procedures for the filing of complaints, as well as the place and manner of filing.
a. i
b. i & ii
c. All of the above
d. None of the above
Personal data must be _______, ______ and ______ to what is necessary in relation to the purposes for which they are processed.
a. adequate, relevant, limited
b. detailed, relevant, limited
c. Transparent, adequate, relevant
d. adequate, relevant, complete
Notification of Data Breach to
NITDA
must include the following information except:
a. A description of the circumstances of the loss or unauthorized access or disclosure
b. An assessment of the risk of harm to individuals as a result of the loss or unauthorized access or disclosure
c. A description of any steps the organization has taken to reduce the risk of harm to individuals
d. None of the above
The NDPR provides guidelines for time frame of personal data storage as listed below except:
i. 3 years after the last active use of a digital platform
ii. 6 years after the last transaction in a contractual agreement
iii. Upon presentation of evidence of death by a deceased’s relative
iv. Immediately upon request by the Data Subject or his/her legal guardian where no statutory provision provides otherwise
a. I, ii, iii above
b. I, ii, iv, above
c. All of the above
d. None of the above
Under the accountability principle of NDPR Governance, Data Controllers are “Responsible for compliance and must be able to demonstrate compliance”?
a. True
b. False
Listed below are the NDPR governance except:
i. Lawful, Fairness and Transparency
ii. Purpose Limitation, Data Minimization
iii. Principles, Processes, Programs and Procedures
iv. Integrity and Confidentiality, Accountability
a. All of the above
b. None of the above
c. iii
d. I, ii & iv
Listed below are some elements of Data Cycle except.
a. Collection, Assessment, Usage
b. View, Access, Storage
c. Transmission, Sharing, Copying
d. None of the above
Go to Top
