Details

IAPP CIPM Certified Information Privacy Manager Study Guide




1st ed.

by: Mike Chapple, Joe Shelley

38,99 €

Publisher: Wiley
Format: PDF
Published: 19.01.2023
ISBN/EAN: 9781394160068
Language: English
Number of pages: 288

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

<p><b>An essential resource for anyone preparing for the CIPM certification exam and a career in information privacy</b> <p>As cybersecurity and privacy become ever more important to the long-term viability and sustainability of enterprises in all sectors, employers and professionals are increasingly turning to IAPP’s trusted and recognized Certified Information Privacy Manager qualification as a tried-and-tested indicator of information privacy management expertise. <p>In <i>IAPP CIPM Certified Information Privacy Manager Study Guide</i>, a team of dedicated IT and privacy management professionals delivers an intuitive roadmap to preparing for the CIPM certification exam and for a new career in the field of information privacy. Make use of pre-assessments, the Exam Essentials feature, and chapter review questions with detailed explanations to gauge your progress and determine where you’re proficient and where you need more practice. <p>In the book, you’ll find coverage of every domain tested on the CIPM exam and those required to succeed in your first—or your next—role in a privacy-related position. You’ll learn to develop a privacy program and framework, as well as manage the full privacy program operational lifecycle, from assessing your organization’s needs to responding to threats and queries. 
<p>The book also includes: <ul> <li>A head-start to obtaining an in-demand certification used across the information privacy industry</li> <li>Access to essential information required to qualify for exciting new career opportunities for those with a CIPM credential</li> <li>Access to the online Sybex learning environment, complete with two additional practice tests, chapter review questions, an online glossary, and hundreds of electronic flashcards for efficient studying</li></ul><p>An essential blueprint for success on the CIPM certification exam, <i>IAPP CIPM Certified Information Privacy Manager Study Guide</i> will also ensure you hit the ground running on your first day at a new information privacy-related job.
<p>Introduction xvii</p> <p>Assessment Test xxvii</p> <p><b>Chapter 1 Developing a Privacy Program 1</b></p> <p><b>Introduction to Privacy 3</b></p> <p>What Is Privacy? 4</p> <p>What Is Personal Information? 5</p> <p>What Isn’t Personal Information? 5</p> <p>Why Should We Care about Privacy? 8</p> <p>Generally Accepted Privacy Principles 9</p> <p>Management 10</p> <p>Notice 11</p> <p>Choice and Consent 11</p> <p>Collection 12</p> <p>Use, Retention, and Disposal 12</p> <p>Access 13</p> <p>Disclosure to Third Parties 14</p> <p>Security for Privacy 14</p> <p>Quality 15</p> <p>Monitoring and Enforcement 16</p> <p>Developing a Privacy Program 16</p> <p>Crafting Vision, Strategy, Goals, and Objectives 17</p> <p>Structuring the Privacy Team 20</p> <p>Creating a Program Scope and Charter 22</p> <p>Privacy Roles 25</p> <p>Building Inventories 25</p> <p>Conducting a Privacy Assessment 26</p> <p>Implementing Privacy Controls 27</p> <p>Ongoing Operation and Monitoring 27</p> <p>Data Governance 28</p> <p>Data Governance Approaches 28</p> <p>Data Governance Roles 29</p> <p>Access Requirements 29</p> <p>Governing Information Processing 31</p> <p>Managing the Privacy Budget 31</p> <p>Organizational Budgeting 32</p> <p>Expense Types 32</p> <p>Budget Monitoring 33</p> <p>Communicating about Privacy 34</p> <p>Creating Awareness 34</p> <p>Building a Communications Plan 35</p> <p>Privacy Program Operational Life Cycle 36</p> <p>Summary 36</p> <p>Exam Essentials 37</p> <p>Review Questions 38</p> <p><b>Chapter 2 Privacy Program Framework 43</b></p> <p>Develop the Privacy Program Framework 44</p> <p>Examples of Privacy Frameworks 44</p> <p>Develop Privacy Policies, Procedures, Standards, and Guidelines 51</p> <p>Define Privacy Program Activities 52</p> <p>Implement the Privacy Program Framework 57</p> <p>Communicate the Framework 57</p> <p>Aligning with Applicable Laws and Regulations 58</p> <p>Develop Appropriate Metrics 78</p> <p>Identify Intended Audience for Metrics 79</p> <p>Define 
Privacy Metrics for Oversight and Governance per Audience 80</p> <p>Summary 83</p> <p>Exam Essentials 84</p> <p>Review Questions 86</p> <p><b>Chapter 3 Privacy Operational Life Cycle: Assess 91</b></p> <p>Document Your Privacy Program Baseline 93</p> <p>Education and Awareness 94</p> <p>Monitoring and Responding to the Regulatory Environment 94</p> <p>Assess Policy Compliance against Internal and External Requirements 94</p> <p>Data, Systems, and Process Assessment 95</p> <p>Risk Assessment Methods 96</p> <p>Incident Management, Response, and Remediation 97</p> <p>Perform Gap Analysis against an Accepted Standard or Law 97</p> <p>Program Assurance 97</p> <p>Processors and Third-Party Vendor Assessment 98</p> <p>Evaluate Processors and Third-Party Vendors 99</p> <p>Understand Sources of Information 99</p> <p>Risk Assessment 100</p> <p>Contractual Requirements and Ongoing Monitoring 102</p> <p>Physical Assessments 102</p> <p>Mergers, Acquisitions, and Divestitures 103</p> <p>Privacy Assessments and Documentation 105</p> <p>Privacy Threshold Analyses (PTAs) 105</p> <p>Define a Process for Conducting Privacy Assessments 105</p> <p>Summary 108</p> <p>Exam Essentials 108</p> <p>Review Questions 110</p> <p><b>Chapter 4 Privacy Operational Life Cycle: Protect 115</b></p> <p>Privacy and Cybersecurity 117</p> <p>Cybersecurity Goals 117</p> <p>Relationship between Privacy and Cybersecurity 118</p> <p>Cybersecurity Controls 119</p> <p>Security Control Categories 120</p> <p>Security Control Types 120</p> <p>Data Protection 121</p> <p>Data Encryption 121</p> <p>Data Loss Prevention 122</p> <p>Data Minimization 123</p> <p>Backups 124</p> <p>Policy Framework 125</p> <p>Cybersecurity Policies 126</p> <p>Cybersecurity Standards 128</p> <p>Cybersecurity Procedures 129</p> <p>Cybersecurity Guidelines 130</p> <p>Exceptions and Compensating Controls 131</p> <p>Developing Policies 133</p> <p>Identity and Access Management 133</p> <p>Least Privilege 134</p> <p>Identification,
Authentication, and Authorization 134</p> <p>Authentication Techniques 135</p> <p>Provisioning and Deprovisioning 137</p> <p>Account and Privilege Management 138</p> <p>Privacy by Design 139</p> <p>Privacy and the SDLC 140</p> <p>System Development Phases 141</p> <p>System Development Models 142</p> <p>Integrating Privacy with Business Processes 146</p> <p>Vulnerability Management 146</p> <p>Vulnerability Scanning 147</p> <p>Vulnerability Remediation 147</p> <p>Data Policies 149</p> <p>Data Sharing 149</p> <p>Data Retention 149</p> <p>Data Destruction 150</p> <p>Summary 151</p> <p>Exam Essentials 151</p> <p>Review Questions 153</p> <p><b>Chapter 5 Privacy Operational Life Cycle: Sustain 157</b></p> <p>Monitor 158</p> <p>Monitoring the Environment 159</p> <p>Monitor Compliance with Privacy Policies 160</p> <p>Monitor Regulatory Changes 160</p> <p>Compliance Monitoring 161</p> <p>Audit 162</p> <p>Aligning with Audits 163</p> <p>Audit Focus 164</p> <p>Summary 167</p> <p>Exam Essentials 168</p> <p>Review Questions 170</p> <p><b>Chapter 6 Privacy Operational Life Cycle: Respond 175</b></p> <p>Data Subject Rights 176</p> <p>Access 177</p> <p>Managing Data Integrity 178</p> <p>Right of Erasure 178</p> <p>Right to Be Informed 180</p> <p>Control over Use 180</p> <p>Complaints 181</p> <p>Handling Information Requests 181</p> <p>Incident Response Planning 182</p> <p>Stakeholder Identification 182</p> <p>Building an Incident Oversight Team 183</p> <p>Building the Incident Response Plan 184</p> <p>Integrating the Plan with Other Functions 187</p> <p>Incident Detection 187</p> <p>Security and Privacy Incidents 187</p> <p>Security Events and Incidents 188</p> <p>Privacy Incidents 188</p> <p>Reporting Privacy Incidents 189</p> <p>Coordination and Information Sharing 190</p> <p>Internal Communications 191</p> <p>External Communications 191</p> <p>Breach Notification 192</p> <p>Incident Handling 192</p> <p>Risk Assessment 193</p> <p>Containment Activities 193</p> <p>Remediation 
Measures 194</p> <p>Ongoing Communications 195</p> <p>Post-Incident Activity 196</p> <p>Planning for Business Continuity 198</p> <p>Project Scope and Planning 200</p> <p>Business Impact Analysis 204</p> <p>Continuity Planning 211</p> <p>Plan Approval and Implementation 213</p> <p>Summary 218</p> <p>Exam Essentials 219</p> <p>Review Questions 221</p> <p>Appendix Answers to Review Questions 225</p> <p>Chapter 1: Developing a Privacy Program 226</p> <p>Chapter 2: Privacy Program Framework 228</p> <p>Chapter 3: Privacy Operational Life Cycle: Assess 229</p> <p>Chapter 4: Privacy Operational Life Cycle: Protect 231</p> <p>Chapter 5: Privacy Operational Life Cycle: Sustain 233</p> <p>Chapter 6: Privacy Operational Life Cycle: Respond 235</p> <p>Index 239</p>
<p><b>ABOUT THE AUTHORS</b> <p><b>Mike Chapple, PhD, CIPM,</b> is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame’s Mendoza College of Business. He is the bestselling author of over 25 books and serves as the Academic Director of the University’s Master of Science in Business Analytics program. <p><b>Joe Shelley, CIPM,</b> is the Vice President for Libraries and Information Technology at Hamilton College in New York. He oversees information security and privacy programs, IT risk management, business intelligence and analytics, and data governance.
<p><b>An essential, step-by-step roadmap to preparing for the CIPM certification</b> <p>The <i>IAPP<sup>®</sup> CIPM Certified Information Privacy Manager Study Guide</i> is your comprehensive resource for one-stop coverage of the challenging CIPM certification exam. This Sybex Study Guide covers 100% of the CIPM domains. Prepare for the exam faster and smarter with Sybex using efficient and accurate content, including assessment tests that validate and measure exam readiness, objective maps, real-world examples and scenarios, and instructive chapter review questions. Reinforce and retain what you’ve learned with the Sybex online learning environment and test bank, accessible across multiple devices. Get prepared for the Certified Information Privacy Manager (CIPM) exam with Sybex. <p><b>Coverage of 100% of all exam objectives in this Study Guide means you’ll be ready for:</b> <ul><li>Developing a Privacy Program</li> <li>Privacy Program Framework</li> <li>Privacy Operational Life Cycle: Assess</li> <li>Privacy Operational Life Cycle: Protect</li> <li>Privacy Operational Life Cycle: Sustain</li> <li>Privacy Operational Life Cycle: Respond</li></ul> <p><b>ABOUT THE CERTIFIED INFORMATION PRIVACY MANAGER PROGRAM</b> <p>The Certified Information Privacy Manager (CIPM) certification is the ideal credential for privacy leaders with comprehensive understanding of the full privacy program lifecycle, including the assessment, establishment, maintenance, and management of privacy services. Visit https://iapp.org/certify/cipm/ for more information. <p><b>Interactive learning environment</b> <p>Take your exam prep to the next level with Sybex’s superior interactive online study tools.
To access our learning environment, simply visit <b>www.wiley.com/go/sybextestprep</b>, register your book to receive your unique PIN, and instantly gain one year of FREE access after activation to: <ul><li><b>Interactive test bank </b>with 2 practice exams to help you identify areas where further review is needed. Get more than 90% of the answers correct, and you’re ready to take the certification exam</li> <li><b>100 electronic flashcards </b>to reinforce learning and last-minute prep before the exam</li> <li><b>Comprehensive glossary</b> in PDF format gives you instant access to the key terms so you are fully prepared</li></ul>
