Overview

An essential resource for anyone preparing for the CIPM certification exam and a career in information privacy As cybersecurity and privacy become ever more important to the long-term viability and sustainability of enterprises in all sectors, employers and professionals are increasingly turning to IAPP’s trusted and recognized Certified Information Privacy Manager qualification as a tried-and-tested indicator of information privacy management expertise. In IAPP CIPM Certified Information Privacy Manager Study Guide, a team of dedicated IT and privacy management professionals delivers an intuitive roadmap to preparing for the CIPM certification exam and for a new career in the field of information privacy. Make use of pre-assessments, the Exam Essentials feature, and chapter review questions with detailed explanations to gauge your progress and determine where you’re proficient and where you need more practice. In the book, you’ll find coverage of every domain tested on the CIPM exam and those required to succeed in your first—or your next—role in a privacy-related position. You’ll learn to develop a privacy program and framework, as well as manage the full privacy program operational lifecycle, from assessing your organization’s needs to responding to threats and queries. The book also includes: A head-start to obtaining an in-demand certification used across the information privacy industry Access to essential information required to qualify for exciting new career opportunities for those with a CIPM credential Access to the online Sybex learning environment, complete with two additional practice tests, chapter review questions, an online glossary, and hundreds of electronic flashcards for efficient studying An essential blueprint for success on the CIPM certification exam, IAPP CIPM Certified Information Privacy Manager Study Guide will also ensure you hit the ground running on your first day at a new information privacy-related job.

Full Product Details

Author:   Mike Chapple (University of Notre Dame) ,  Joe Shelley
Publisher:   John Wiley & Sons Inc
Imprint:   Sybex Inc.,U.S.
Dimensions:   Width: 18.50cm , Height: 1.80cm , Length: 22.90cm
Weight:   0.408kg
ISBN:  

9781394153800

ISBN 10:   1394153805
Pages:   288
Publication Date:   07 February 2023
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Paperback
Publisher's Status:   Active
Availability:   In stock  
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.

Table of Contents

Introduction xvii Assessment Test xxvii Chapter 1 Developing a Privacy Program 1 Introduction to Privacy 3 What Is Privacy? 4 What Is Personal Information? 5 What Isn’t Personal Information? 5 Why Should We Care about Privacy? 8 Generally Accepted Privacy Principles 9 Management 10 Notice 11 Choice and Consent 11 Collection 12 Use, Retention, and Disposal 12 Access 13 Disclosure to Third Parties 14 Security for Privacy 14 Quality 15 Monitoring and Enforcement 16 Developing a Privacy Program 16 Crafting Vision, Strategy, Goals, and Objectives 17 Structuring the Privacy Team 20 Creating a Program Scope and Charter 22 Privacy Roles 25 Building Inventories 25 Conducting a Privacy Assessment 26 Implementing Privacy Controls 27 Ongoing Operation and Monitoring 27 Data Governance 28 Data Governance Approaches 28 Data Governance Roles 29 Access Requirements 29 Governing Information Processing 31 Managing the Privacy Budget 31 Organizational Budgeting 32 Expense Types 32 Budget Monitoring 33 Communicating about Privacy 34 Creating Awareness 34 Building a Communications Plan 35 Privacy Program Operational Life Cycle 36 Summary 36 Exam Essentials 37 Review Questions 38 Chapter 2 Privacy Program Framework 43 Develop the Privacy Program Framework 44 Examples of Privacy Frameworks 44 Develop Privacy Policies, Procedures, Standards, and Guidelines 51 Define Privacy Program Activities 52 Implement the Privacy Program Framework 57 Communicate the Framework 57 Aligning with Applicable Laws and Regulations 58 Develop Appropriate Metrics 78 Identify Intended Audience for Metrics 79 Define Privacy Metrics for Oversight and Governance per Audience 80 Summary 83 Exam Essentials 84 Review Questions 86 Chapter 3 Privacy Operational Life Cycle: Assess 91 Document Your Privacy Program Baseline 93 Education and Awareness 94 Monitoring and Responding to the Regulatory Environment 94 Assess Policy Compliance against Internal and External Requirements 94 Data, Systems, and Process Assessment 95 Risk Assessment Methods 96 Incident Management, Response, and Remediation 97 Perform Gap Analysis against an Accepted Standard or Law 97 Program Assurance 97 Processors and Third- Party Vendor Assessment 98 Evaluate Processors and Third- Party Vendors 99 Understand Sources of Information 99 Risk Assessment 100 Contractual Requirements and Ongoing Monitoring 102 Physical Assessments 102 Mergers, Acquisitions, and Divestitures 103 Privacy Assessments and Documentation 105 Privacy Threshold Analyses (PTAs) 105 Define a Process for Conducting Privacy Assessments 105 Summary 108 Exam Essentials 108 Review Questions 110 Chapter 4 Privacy Operational Life Cycle: Protect 115 Privacy and Cybersecurity 117 Cybersecurity Goals 117 Relationship between Privacy and Cybersecurity 118 Cybersecurity Controls 119 Security Control Categories 120 Security Control Types 120 Data Protection 121 Data Encryption 121 Data Loss Prevention 122 Data Minimization 123 Backups 124 Policy Framework 125 Cybersecurity Policies 126 Cybersecurity Standards 128 Cybersecurity Procedures 129 Cybersecurity Guidelines 130 Exceptions and Compensating Controls 131 Developing Policies 133 Identity and Access Management 133 Least Privilege 134 Identification, Authentication, and Authorization 134 Authentication Techniques 135 Provisioning and Deprovisioning 137 Account and Privilege Management 138 Privacy by Design 139 Privacy and the SDLC 140 System Development Phases 141 System Development Models 142 Integrating Privacy with Business Processes 146 Vulnerability Management 146 Vulnerability Scanning 147 Vulnerability Remediation 147 Data Policies 149 Data Sharing 149 Data Retention 149 Data Destruction 150 Summary 151 Exam Essentials 151 Review Questions 153 Chapter 5 Privacy Operational Life Cycle: Sustain 157 Monitor 158 Monitoring the Environment 159 Monitor Compliance with Privacy Policies 160 Monitor Regulatory Changes 160 Compliance Monitoring 161 Audit 162 Aligning with Audits 163 Audit Focus 164 Summary 167 Exam Essentials 168 Review Questions 170 Chapter 6 Privacy Operational Life Cycle: Respond 175 Data Subject Rights 176 Access 177 Managing Data Integrity 178 Right of Erasure 178 Right to Be Informed 180 Control over Use 180 Complaints 181 Handling Information Requests 181 Incident Response Planning 182 Stakeholder Identification 182 Building an Incident Oversight Team 183 Building the Incident Response Plan 184 Integrating the Plan with Other Functions 187 Incident Detection 187 Security and Privacy Incidents 187 Security Events and Incidents 188 Privacy Incidents 188 Reporting Privacy Incidents 189 Coordination and Information Sharing 190 Internal Communications 191 External Communications 191 Breach Notification 192 Incident Handling 192 Risk Assessment 193 Containment Activities 193 Remediation Measures 194 Ongoing Communications 195 Post- Incident Activity 196 Planning for Business Continuity 198 Project Scope and Planning 200 Business Impact Analysis 204 Continuity Planning 211 Plan Approval and Implementation 213 Summary 218 Exam Essentials 219 Review Questions 221 Appendix Answers to Review Questions 225 Chapter 1: Developing a Privacy Program 226 Chapter 2: Privacy Program Framework 228 Chapter 3: Privacy Operational Life Cycle: Assess 229 Chapter 4: Privacy Operational Life Cycle: Protect 231 Chapter 5: Privacy Operational Life Cycle: Sustain 233 Chapter 6: Privacy Operational Life Cycle: Respond 235 Index 239

Reviews

Author Information

ABOUT THE AUTHORS Mike Chapple, PhD, CIPM, is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame’s Mendoza College of Business. He is the bestselling author of over 25 books and serves as the Academic Director of the University’s Master of Science in Business Analytics program. Joe Shelley, CIPM, is the Vice President for Libraries and Information Technology at Hamilton College in New York. He oversees information security and privacy programs, IT risk management, business intelligence and analytics, and data governance.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions