Full CIPP/E exam question and answers graded A+ already passed 2023

Full CIPP/E exam question and answers graded A+ already passed 2023Accountability - correct answer The implementation of appropriate *technical and organisational measures* to ensure and be able to *demonstrate* that the handling of personal data is performed in accordance with relevant law, an idea codified in the EU General Data Protection Regulation and other frameworks, including APEC's Cross Border Privacy Rules. Traditionally has been a *fair information practices principle*, that due diligence and reasonable steps will be undertaken to ensure that personal information will be protected and handled consistently with relevant law and other fair use principles. Accuracy - correct answer Organizations must take every *reasonable* step to ensure the data processed is this and, where *necessary*, kept up to date. Reasonable measures should be understood as implementing processes to prevent inaccuracies during the data collection process as well as during the ongoing data processing in relation to the specific use for which the data is processed. The organization must consider the type of data and the specific purposes to maintain the accuracy of personal data in relation to the purpose. Also embodies the responsibility to respond to data subject requests to correct records that contain incomplete information or misinformation. Adequate Level of Protection - correct answer A transfer of personal data from the European Union to a third country or an international organisation may take place where the European Commission has decided that the third country, a territory or one or more specified sectors within that third country, or the international organisation in question, ensures this by taking into account the *following elements*: *(a)* the rule of law, respect for *human rights* and fundamental freedoms, both *general and sectoral legislation*, data protection rules, professional rules and security measures, effective and *enforceable data subject rights* and *effective administrative and judicial redress* for the data subjects whose personal data is being transferred; *(b)* the existence and *effective* functioning of independent *supervisory authorities* with responsibility for ensuring and enforcing compliance with the data protection rules; (c) the *international commitments* the third country or international organisation concerned has entered into in relation *to the protection of personal data*. Annual Reports - correct answer The requirement under the GDPR that the European Data Protection Board and each supervisory authority *periodically report on their activities*. The supervisory authority report should include infringements and the activities that the authority conducted under their Article 58(2) powers. The EDPB report should include *guidelines, recommendations, best practices and binding decisions*. Additionally, the report should include the protection of natural persons with regard to