BCS PDP9
Q: 1
Which of the following would NOT be a personal data breach'?
Options
Q: 2
A company has twenty retail outlets in France and thirty retail outlets in Belgium The payroll
department and the Data Protection Officer are based in Poland. The Company Board and
administrative functions are based in Germany. Determine where the company's 'main
establishment' would be
Options
Q: 3
A UK public body has a security breach, in which the details of a hundred thousand members of the
public are published What is the MAXIMUM fine that they could receive for this breach?
Options
Q: 4
Who is entitled to a private life by law in the UK?
Options
Q: 5
When were data protection rights first introduced into UK law'?
Options
Q: 6
Of the following options which is NOT a purpose of carrying out a Data Protection Impact Assessment
(DPIA)?
Options
Q: 7
Where a processor engages another processor ("sub-processor") to carry out processing activities on
behalf of a controller, which of the following statements is CORRECT?
Options
Q: 8
How are data sharing practices governed by data protection law?
Options
Q: 9
Two businesses decide to work together to sell their products by mail order Orders are made via a
single online website and they each use their existing employees to administer and update each
other's orders on a single order system regardless of product.
Which of the below is CORRECT of the roles of the two businesses in relation to the single order
system'?
Options
Q: 10
Which of the following statements MOST accurately describes the potential impact of Al on the
principle of transparency?
Options
Question 1 of 10
