DSCI certified Privacy Professional (DCPP) Exam (DCPP-01) - DSCI Actual Exam Questions
Last updated on April 20, 2026
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?
To determine the risks and effects of collecting, storing and distributing personal information
To evaluate processes for handling personal information for mitigating potential privacy risks
To acknowledge the organization’s role in collecting personal identifiable information
To comply with ISO 27001:2013 standard
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
In relation to "Online Privacy" please pick the incorrect statement:
Online disclosure of "selective" information by a person that is publicly available
The process of obtaining information online that a person can control
People's concerns over the license agreements they sign with any company
People's concern over the way their personal information is used during online activities
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
With respect to privacy notice, what are the responsibilities of data controller?
Providing the notice before or during data collection
Identifying and communication the purposes for which data will be collected, used, and disclosed
Providing notice after the data collection
Providing notice at every instance of data processing
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A ministry under government of India plans to collect citizens’ information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens’ ‘Consent’ would be mandatory for which of the following elements before their collection?
Educational records
Medical condition
Caste and religion
Sec 43A may not be applicable
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Under which of the following conditions can a company in India may transfer sensitive personal information (SPI) to any other company or a person in India, or located in any other country?
Transfer of information is allowed to those who ensure the same level of data protection that is adhered to by the company as provided for under the Indian laws
The transfer of information is allowed only after taking approval of Chief Information Commissioner of India
The transfer of information is allowed only after taking approval of DeitY (Department of Electronics & Information Technology) in India
The transfer may be allowed only if it is necessary for the performance of the lawful contract or where the data subject has consented to data transfer
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.