This self-study guide covers every topic on the Certified Information Privacy Manager exam

Take IAPP’s rigorous Certified Information Privacy Manager (CIPM) exam with complete confidence using the comprehensive information contained in this highly effective study guide. The book enhances candidates’ abilities to design, build, and run information privacy management programs.

Written by a security and privacy expert and experienced author, CIPM Certified Information Privacy Manager All-in-One Exam Guide is based on proven pedagogy and thoroughly prepares candidates to pass this exam. Beyond exam preparation, the guide also serves as a valuable on-the-job reference.

• Provides 100% coverage of all eight objectives for the CIPM exam
• Online content includes 300 practice questions in the Total Tester exam engine
• Written by a security and privacy expert, educator, and experienced author


Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. Contents at a Glance
  6. Contents
  7. Acknowledgments
  8. Introduction
  9. Chapter 1 Developing a Privacy Program
    1. The Privacy Vision
    2. Program Approaches
    3. Privacy Objectives
    4. Executive Sponsorship
    5. Business Alignment
    6. Establish a Data Governance Model
    7. Data Governance
    8. Privacy Governance
    9. Establish a Privacy Program
    10. Strategy Objectives
    11. Risk Objectives
    12. Strategy Resources
    13. Privacy Program Strategy Development
    14. Strategy Constraints
    15. Structure the Privacy Team
    16. Roles
    17. Competency
    18. Privacy Program Communications
    19. Privacy Training and Awareness
    20. Maintaining an Awareness Program
    21. Chapter Review
    22. Quick Review
    23. Questions
    24. Answers
  10. Chapter 2 Privacy Program Framework
    1. Develop the Privacy Program Framework
    2. Privacy Charter
    3. Developing Privacy Policies
    4. Privacy Standards
    5. Privacy Laws
    6. Establishing Legal Basis for Processing
    7. Establishing Legitimate Interest
    8. Controls
    9. Control Frameworks
    10. Data Inventory
    11. Data Classification
    12. Data Use Governance
    13. Implement the Privacy Program Framework
    14. Building a Privacy Operation
    15. Developing and Running Data Protection Operations
    16. Developing and Running Data Monitoring Operations
    17. Working with Data Subjects
    18. Collecting Consent
    19. Working with Authorities
    20. Privacy Program Metrics
    21. Risk Management Metrics
    22. Data Subject Engagement Metrics
    23. Data Governance Metrics
    24. Program and Process Maturity
    25. Performance Measurement
    26. Resilience Metrics
    27. Convergence Metrics
    28. Resource Management Metrics
    29. Online Tracking and Behavioral Profiling
    30. Tracking Techniques and Technologies
    31. Tracking in the Workplace
    32. Tracking Prevention
    33. Chapter Review
    34. Quick Review
    35. Questions
    36. Answers
  11. Chapter 3 Privacy Operational Lifecycle: Assess
    1. Privacy Program Baseline
    2. Process Maturity
    3. Baselining Program Elements
    4. Third-Party Risk Management
    5. Cloud Service Providers
    6. Privacy Regulation Requirements
    7. TPRM Life Cycle
    8. Physical Assessments
    9. Assessing Processing Centers and Work Centers
    10. Document Storage
    11. Document and Media Destruction
    12. Device Security
    13. Mergers, Acquisitions, and Divestitures
    14. Influencing the Transaction
    15. Integrating Programs
    16. Privacy Impact Assessments and Data Privacy Impact Assessments
    17. Privacy Threshold Analysis
    18. PIA Procedure
    19. Engaging Data Subjects in a PIA
    20. The Necessity of a PIA
    21. Integrating into Existing Processes
    22. Recordkeeping and Reporting
    23. Risks Specific to Privacy
    24. Privacy Threats
    25. Privacy Countermeasures
    26. Chapter Review
    27. Quick Review
    28. Questions
    29. Answers
  12. Chapter 4 Privacy Operational Lifecycle: Protect
    1. Information Security Practices
    2. Identity and Access Management
    3. Technical Security Controls
    4. Administrative Safeguards
    5. Privacy and Security by Design
    6. Integrating Privacy into Organization Operations
    7. Information Security
    8. IT Development and Operations
    9. Business Continuity and Disaster Recovery Planning
    10. Mergers, Acquisitions, Divestitures
    11. Human Resources
    12. Compliance and Ethics
    13. Audit
    14. Marketing
    15. Business Development
    16. Public Relations
    17. Procurement and Sourcing
    18. Legal and Contracts
    19. Security and Emergency Services
    20. Finance
    21. Other Functions
    22. Other Protection Measures
    23. Data Retention and Archiving
    24. Data Destruction
    25. Data Sharing and Disclosure
    26. Costs of Technical Controls
    27. Chapter Review
    28. Quick Review
    29. Questions
    30. Answers
  13. Chapter 5 Privacy Operational Lifecycle: Sustain
    1. Monitoring a Privacy Program
    2. Business Process Monitoring
    3. Privacy and Security Event Monitoring
    4. External Monitoring
    5. Control Self-Assessment
    6. Auditing Privacy Programs
    7. Privacy Audit Scope
    8. Privacy Audit Objectives
    9. Types of Privacy Audits
    10. Privacy Audit Planning
    11. Privacy Audit Evidence
    12. Auditing Specific Privacy Practices
    13. Chapter Review
    14. Quick Review
    15. Questions
    16. Answers
  14. Chapter 6 Privacy Operational Lifecycle: Respond
    1. Data Subject Requests and Privacy Rights
    2. Data Subject Requests
    3. Working with Authorities
    4. Privacy Incident Response
    5. Incident Response Regulations
    6. Phases of Incident Response
    7. Privacy Incident Response Plan Development
    8. Privacy Continuous Improvement
    9. Chapter Review
    10. Quick Review
    11. Questions
    12. Answers
  15. Appendix A The Risk Management Life Cycle
    1. The Risk Management Process
    2. Risk Management Methodologies
    3. NIST Standards
    4. ISO/IEC 27005
    5. Factor Analysis of Information Risk
    6. Asset Identification
    7. Hardware Assets
    8. Subsystem and Software Assets
    9. Cloud-Based Information Assets
    10. Virtual Assets
    11. Information Assets
    12. Asset Classification
    13. Data Classification
    14. Asset Valuation
    15. Qualitative Asset Valuation
    16. Quantitative Asset Valuation
    17. Threat Identification
    18. Internal Threats
    19. External Threats
    20. Advanced Persistent Threats
    21. Emerging Threats
    22. Vulnerability Identification
    23. Third-Party Vulnerability Identification
    24. Risk Identification
    25. Risk, Likelihood, and Impact
    26. Likelihood
    27. Impact
    28. Risk Analysis Techniques and Considerations
    29. Information Gathering
    30. Qualitative Risk Analysis
    31. Semiquantitative Risk Analysis
    32. Quantitative Risk Analysis
    33. OCTAVE
    34. Other Risk Analysis Methodologies
    35. Risk Evaluation and Ranking
    36. Risk Ownership
    37. Risk Treatment
    38. Controls
    39. Costs and Benefits
  16. Appendix B About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
    3. Privacy Notice
    4. Single User License Terms and Conditions
    5. TotalTester Online
    6. Technical Support
  17. Glossary
  18. Index