Section 43A of the Information Technology (Amendment) Act, 2008 holds____________ accountable for having reasonable security practices and procedures in place to protection sensitive personal data.
Which of the following activities form part of an organization’s Visibility over Personal Information (VPI) initiative, according to DSCI Privacy Framework (DPF®)?
An entity shall retain personal data only as long as may be reasonably necessary to satisfy the purpose for which it is processed; or with respect to an established retention period. This privacy principle is known as?
With respect to privacy monitoring and incident management process, which of the following should be a part of a standard incident handling process?
I) Incident identification and notification
II) Investigation and remediation
III) Root cause analysis
IV) User awareness training on how to report incidents
Which of the following are classified as Sensitive Personal Data or Information under Section 43A of ITAA, 2008? (Choose all that apply.)
Its mandatory for the assessee to provide the pre-requisites to the assessor organization before commencement of the first phase of assessment.
Which of the following provisions of Information Technology (Amendment) Act, 2008 deal with protection of PI or SPDI of Individuals?