book

CIPM Certified Information Privacy Manager All-in-One Exam Guide

Name: CIPM Certified Information Privacy Manager All-in-One Exam Guide
Author: Peter H. Gregory
ISBN: 9781260474107

by Peter H. Gregory

June 2021

Intermediate to advanced

384 pages

11h 56m

English

McGraw-Hill

Read now

Unlock full access

Cover
Title Page
Copyright Page
Dedication
Contents at a Glance
Contents
Acknowledgments
Introduction
Chapter 1 Developing a Privacy Program
The Privacy VisionProgram ApproachesPrivacy ObjectivesExecutive SponsorshipBusiness AlignmentEstablish a Data Governance ModelData GovernancePrivacy GovernanceEstablish a Privacy ProgramStrategy ObjectivesRisk ObjectivesStrategy ResourcesPrivacy Program Strategy DevelopmentStrategy ConstraintsStructure the Privacy TeamRolesCompetencyPrivacy Program CommunicationsPrivacy Training and AwarenessMaintaining an Awareness ProgramChapter ReviewQuick ReviewQuestionsAnswers
Chapter 2 Privacy Program Framework
Develop the Privacy Program FrameworkPrivacy CharterDeveloping Privacy PoliciesPrivacy StandardsPrivacy LawsEstablishing Legal Basis for ProcessingEstablishing Legitimate InterestControlsControl FrameworksData InventoryData ClassificationData Use GovernanceImplement the Privacy Program FrameworkBuilding a Privacy OperationDeveloping and Running Data Protection OperationsDeveloping and Running Data Monitoring OperationsWorking with Data SubjectsCollecting ConsentWorking with AuthoritiesPrivacy Program MetricsRisk Management MetricsData Subject Engagement MetricsData Governance MetricsProgram and Process MaturityPerformance MeasurementResilience MetricsConvergence MetricsResource Management MetricsOnline Tracking and Behavioral ProfilingTracking Techniques and TechnologiesTracking in the WorkplaceTracking PreventionChapter ReviewQuick ReviewQuestionsAnswers

Chapter 3 Privacy Operational Lifecycle: Assess
Privacy Program BaselineProcess MaturityBaselining Program ElementsThird-Party Risk ManagementCloud Service ProvidersPrivacy Regulation RequirementsTPRM Life CyclePhysical AssessmentsAssessing Processing Centers and Work CentersDocument StorageDocument and Media DestructionDevice SecurityMergers, Acquisitions, and DivestituresInfluencing the TransactionIntegrating ProgramsPrivacy Impact Assessments and Data Privacy Impact AssessmentsPrivacy Threshold AnalysisPIA ProcedureEngaging Data Subjects in a PIAThe Necessity of a PIAIntegrating into Existing ProcessesRecordkeeping and ReportingRisks Specific to PrivacyPrivacy ThreatsPrivacy CountermeasuresChapter ReviewQuick ReviewQuestionsAnswers
Chapter 4 Privacy Operational Lifecycle: Protect
Information Security PracticesIdentity and Access ManagementTechnical Security ControlsAdministrative SafeguardsPrivacy and Security by DesignIntegrating Privacy into Organization OperationsInformation SecurityIT Development and OperationsBusiness Continuity and Disaster Recovery PlanningMergers, Acquisitions, DivestituresHuman ResourcesCompliance and EthicsAuditMarketingBusiness DevelopmentPublic RelationsProcurement and SourcingLegal and ContractsSecurity and Emergency ServicesFinanceOther FunctionsOther Protection MeasuresData Retention and ArchivingData DestructionData Sharing and DisclosureCosts of Technical ControlsChapter ReviewQuick ReviewQuestionsAnswers
Chapter 5 Privacy Operational Lifecycle: Sustain
Monitoring a Privacy ProgramBusiness Process MonitoringPrivacy and Security Event MonitoringExternal MonitoringControl Self-AssessmentAuditing Privacy ProgramsPrivacy Audit ScopePrivacy Audit ObjectivesTypes of Privacy AuditsPrivacy Audit PlanningPrivacy Audit EvidenceAuditing Specific Privacy PracticesChapter ReviewQuick ReviewQuestionsAnswers
Chapter 6 Privacy Operational Lifecycle: Respond
Data Subject Requests and Privacy RightsData Subject RequestsWorking with AuthoritiesPrivacy Incident ResponseIncident Response RegulationsPhases of Incident ResponsePrivacy Incident Response Plan DevelopmentPrivacy Continuous ImprovementChapter ReviewQuick ReviewQuestionsAnswers
Appendix A The Risk Management Life Cycle
The Risk Management ProcessRisk Management MethodologiesNIST StandardsISO/IEC 27005Factor Analysis of Information RiskAsset IdentificationHardware AssetsSubsystem and Software AssetsCloud-Based Information AssetsVirtual AssetsInformation AssetsAsset ClassificationData ClassificationAsset ValuationQualitative Asset ValuationQuantitative Asset ValuationThreat IdentificationInternal ThreatsExternal ThreatsAdvanced Persistent ThreatsEmerging ThreatsVulnerability IdentificationThird-Party Vulnerability IdentificationRisk IdentificationRisk, Likelihood, and ImpactLikelihoodImpactRisk Analysis Techniques and ConsiderationsInformation GatheringQualitative Risk AnalysisSemiquantitative Risk AnalysisQuantitative Risk AnalysisOCTAVEOther Risk Analysis MethodologiesRisk Evaluation and RankingRisk OwnershipRisk TreatmentControlsCosts and Benefits
Appendix B About the Online Content
System RequirementsYour Total Seminars Training Hub AccountPrivacy NoticeSingle User License Terms and ConditionsTotalTester OnlineTechnical Support
Glossary
Index

Content preview from CIPM Certified Information Privacy Manager All-in-One Exam Guide

CHAPTER 2 Privacy Program Framework

In this chapter, you will learn about

• Components of a privacy program framework

• Privacy policy, standards, processes, controls, and guidelines

• Well-known control frameworks

• Significant privacy laws and regulations

• Data governance and data management

• Data classification, data retention, and data loss prevention

• Data minimization and de-identification

• Working with data subjects

• Privacy metrics

• Tracking technologies and countermeasures

This chapter covers the Certified Information Privacy Manager job practice II, “Privacy Program Framework.” The domain represents approximately 14 percent of the CIPM examination.

When properly implemented, governance is a process whereby ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

IAPP CIPM Certified Information Privacy Manager Study Guide

Publisher Resources

ISBN: 9781260474107

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

CIPM Certified Information Privacy Manager All-in-One Exam Guide

by Peter H. Gregory

CHAPTER 2

Privacy Program Framework

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.