CIPM Certified Information Privacy Manager All-in-One Exam Guide [Paperback]

  • Format: Paperback / softback, 384 pages, height x width x depth: 231x185x25 mm, weight: 619 g, 70 Illustrations
  • Publication date: 07-Jul-2021
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260474097
  • ISBN-13: 9781260474091
  • Price: 65,11 €

 This self-study guide covers every topic on the Certified Information Privacy Manager exam

This resource offers complete, up-to-date coverage of all the material included in the current release of the Certified Information Privacy Manager exam. Written by an IT security and privacy expert, CIPM Certified Information Privacy Manager All-in-One Exam Guide covers the exam domains and associated job practices developed by IAPP®. You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CIPM exam, this comprehensive guide also serves as an essential on-the-job reference for new and established privacy and security professionals.

COVERS ALL EXAM TOPICS, INCLUDING:

  • Developing a Privacy Program
  • Privacy Program Framework
  • Privacy Operational Lifecycle: Assess
  • Privacy Operational Lifecycle: Protect
  • Privacy Operational Lifecycle: Sustain
  • Privacy Operational Lifecycle: Respond

Online content includes:

  • 300 practice exam questions
  • Test engine that provides full-length practice exams and customizable quizzes by exam topic

Acknowledgments
Introduction

Chapter 1 Developing a Privacy Program
The Privacy Vision
Program Approaches
Privacy Objectives
Executive Sponsorship
Business Alignment
Establish a Data Governance Model
Data Governance
Privacy Governance
Establish a Privacy Program
Strategy Objectives
Risk Objectives
Strategy Resources
Privacy Program Strategy Development
Strategy Constraints
Structure the Privacy Team
Roles
Competency
Privacy Program Communications
Privacy Training and Awareness
Maintaining an Awareness Program
Chapter Review
Quick Review
Questions
Answers

Chapter 2 Privacy Program Framework
Develop the Privacy Program Framework
Privacy Charter
Developing Privacy Policies
Privacy Standards
Privacy Laws
Establishing Legal Basis for Processing
Establishing Legitimate Interest
Controls
Control Frameworks
Data Inventory
Data Classification
Data Use Governance
Implement the Privacy Program Framework
Building a Privacy Operation
Developing and Running Data Protection Operations
Developing and Running Data Monitoring Operations
Working with Data Subjects
Collecting Consent
Working with Authorities
Privacy Program Metrics
Risk Management Metrics
Data Subject Engagement Metrics
Data Governance Metrics
Program and Process Maturity
Performance Measurement
Resilience Metrics
Convergence Metrics
Resource Management Metrics
Online Tracking and Behavioral Profiling
Tracking Techniques and Technologies
Tracking in the Workplace
Tracking Prevention
Chapter Review
Quick Review
Questions
Answers

Chapter 3 Privacy Operational Lifecycle: Assess
Privacy Program Baseline
Process Maturity
Baselining Program Elements
Third-Party Risk Management
Cloud Service Providers
Privacy Regulation Requirements
TPRM Life Cycle
Physical Assessments
Assessing Processing Centers and Work Centers
Document Storage
Document and Media Destruction
Device Security
Mergers, Acquisitions, and Divestitures
Influencing the Transaction
Integrating Programs
Privacy Impact Assessments and Data Privacy Impact Assessments
Privacy Threshold Analysis
PIA Procedure
Engaging Data Subjects in a PIA
The Necessity of a PIA
Integrating into Existing Processes
Recordkeeping and Reporting
Risks Specific to Privacy
Privacy Threats
Privacy Countermeasures
Chapter Review
Quick Review
Questions
Answers

Chapter 4 Privacy Operational Lifecycle: Protect
Information Security Practices
Identity and Access Management
Technical Security Controls
Administrative Safeguards
Privacy and Security by Design
Integrating Privacy into Organization Operations
Information Security
IT Development and Operations
Business Continuity and Disaster Recovery Planning
Mergers, Acquisitions, Divestitures
Human Resources
Compliance and Ethics
Audit
Marketing
Business Development
Public Relations
Procurement and Sourcing
Legal and Contracts
Security and Emergency Services
Finance
Other Functions
Other Protection Measures
Data Retention and Archiving
Data Destruction
Data Sharing and Disclosure
Costs of Technical Controls
Chapter Review
Quick Review
Questions
Answers

Chapter 5 Privacy Operational Lifecycle: Sustain
Monitoring a Privacy Program
Business Process Monitoring
Privacy and Security Event Monitoring
External Monitoring
Control Self-Assessment
Auditing Privacy Programs
Privacy Audit Scope
Privacy Audit Objectives
Types of Privacy Audits
Privacy Audit Planning
Privacy Audit Evidence
Auditing Specific Privacy Practices
Chapter Review
Quick Review
Questions
Answers

Chapter 6 Privacy Operational Lifecycle: Respond
Data Subject Requests and Privacy Rights
Data Subject Requests
Working with Authorities
Privacy Incident Response
Incident Response Regulations
Phases of Incident Response
Privacy Incident Response Plan Development
Privacy Continuous Improvement
Chapter Review
Quick Review
Questions
Answers

Appendix A The Risk Management Life Cycle
The Risk Management Process
Risk Management Methodologies
NIST Standards
ISO/IEC 27005
Factor Analysis of Information Risk
Asset Identification
Hardware Assets
Subsystem and Software Assets
Cloud-Based Information Assets
Virtual Assets
Information Assets
Asset Classification
Data Classification
Asset Valuation
Qualitative Asset Valuation
Quantitative Asset Valuation
Threat Identification
Internal Threats
External Threats
Advanced Persistent Threats
Emerging Threats
Vulnerability Identification
Third-Party Vulnerability Identification
Risk Identification
Risk, Likelihood, and Impact
Likelihood
Impact
Risk Analysis Techniques and Considerations
Information Gathering
Qualitative Risk Analysis
Semiquantitative Risk Analysis
Quantitative Risk Analysis
OCTAVE
Other Risk Analysis Methodologies
Risk Evaluation and Ranking
Risk Ownership
Risk Treatment
Controls
Costs and Benefits

Appendix B About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support

Glossary
Index

Peter H. Gregory, CIPM®, CISA®, CISM®, CRISC®, CISSP®, CDPSE, CCSK, is a career information technologist, conference speaker, and security leader. He is the senior director of cyber GRC in a telecommunications company and the author of over forty books, including CISA Certified Information Systems Auditor All-in-One Exam Guide, Fourth Edition, and CISM Certified Information Security Manager All-in-One Exam Guide.