Awareness
Breach Management
Compliance
Key Roles
Security Measures
100

Who is considered a data subject under the Data Privacy Act?
A. Pytera Inc.

B. National Privacy Commission 

C. An individual whose personal data is processed

C. An individual whose personal data is processed 

100

Which of the following is the most common cause of data breaches?

A. Hackers 

B. Human error 

C. Fire 

B. Human error

100

Which of the following is a right of a data subject?

A. Right to be informed

B. Right to record data 

C. Right to investigate companies 

A. Right to be informed

100

Who is primarily responsible for ensuring compliance with data privacy policies?

A. Personal Information Controller 

B. Data Protection Officer

C. Dev Partners 

B. Data Protection Officer

100

What is a basic security best practice for devices? 

A. Lock your computer

B. Write passwords on paper 

C. Share your login with co-Partners 

A. Lock your computer

200

What does PIC stand for in data privacy terminology? 

A. Privacy Information Checker 

B. Personal Information Controller

C. Personal Identification Code 

B. Personal Information Controller

200

What type of breach occurs when personal data is altered without authorization?

A. Integrity Breach

B. Availability Breach 

C. Confidentiality Breach 

A. Integrity Breach

200

What does a Privacy Notice primarily communicate to users?

A. Marketing promos

B. Outlines how data is collected, used, and protected

C. Internal company rules 

B. Outlines how data is collected, used, and protected

200

Which of the following best describes the Personal Information Controller (PIC)?

A. A person hacking into data

B. A person that processes data for others 

C. A person who controls or decides on data processing

C. A person who controls or decides on data processing  

200

Which of these is not a common phishing sign? 

A. Matching corporate email address

B. Spelling errors 

C. Suspicious links 

A. Matching corporate email address

300

Which of the following is NOT typically stored by Mynimo from job seekers?

A. Resume

B. Work preferences 

C. Bank account numbers

C. Bank account numbers

300

Which of the following is a sign of a phishing email? 

A. Uses a professional signature

B. Contains spelling/grammar mistakes and urgency

C. Sent from a company email 

B. Contains spelling/grammar mistakes and urgency

300

Which right allows a person to request the deletion of their personal data? 

A. Right to block/remove

B. Right to portability

C. Right to access

A. Right to block/remove

300

What is the role of the Compliance Officer for Privacy (COP)?

A. Fix IT bugs

B. File taxes

C. Assist the DPO in implementing data privacy policies 

C. Assist the DPO in implementing data privacy policies

300

What is the final stage of the Personal Data Life Cycle?

A. Collection 

B. Destruction 

C. Use

B. Destruction

400

Which of the following best describes “sensitive personal information”? 

A. Name 

B. Bank account numbers

C. Mobile phone number

B. Bank account numbers

400

What is the difference between a security incident and a data breach?

A. Security incident is more serious

B. Security incident always involves legal action 

C. Data breach involves personal data exposure

C. Data breach involves personal data exposure

400

Which of the following best represents 90% of compliance efforts?

A. Realizing and enforcing privacy in daily operations

B. Writing legal policies 

C. Filing with the SEC

A. Realizing and enforcing privacy in daily operations

400

Who is the Privacy Team?

Everyone in Pytera is part of the Privacy team.

400

What’s the risk if a phishing email is responded to?

A. System slowdown 

B. Personal data compromise or ransomware

C. IT promotion 

B. Personal data compromise or ransomware

500

Which organization oversees the implementation of the Data Privacy Act in the Philippines?

A. Department of Information and Communications Technology

B. National Privacy Commission

C. National Telecommunications Commission 

B. National Privacy Commission

500

What is the penalty for unauthorized disclosure of personal information under RA 10173?

A. P10,000 fine 

B. 6 months imprisonment only 

C. 1–5 years jail and up to P2 million fine

C. 1–5 years jail and up to P2 million fine

500

Personal information can be sensitive personal information, too. 

A. TRUE

B. FALSE 

C. It depends 

A. TRUE

500

In the context of Data Privacy Act of 2012, what is the role of HR partners regarding the forwarding of employee's personal information to other departments for processing? 

A. Personal Information Controller

B. Personal Information Processor 

C. Data Subjects 

A. Personal Information Controller

500

What's our main role as Pytera Inc.'s employee to ensure that the data we handle is secured? 

A. To comply with the Data Privacy Act of 2012

B. To protect the privacy of Mynimo.com 

C. To foster a culture that values privacy through awareness 

A. To comply with the Data Privacy Act of 2012

M
e
n
u