Clone of Controllers Group - Compliance Jeopardy Quiz

Information management and security (IM&S)

Data privacy

Our commercial integrity

Our Code and behaviours

The VW Scandal - video

100

General, Confidential and Highly Confidential.

What are Diageo's three levels of information classification?

100

Transparency and informed consent; Data minimisation; Technical and organisational security; Individual rights; International transfer; Privacy impact assessments and privacy by design; Marketing activities and Third party data processing.

What are the principles of the Data privacy global policy?

100

A tool and site on Mosaic to report a Diageo product you suspect may be a look-a-like or counterfeit - in complete confidence.

What is 'Spot & Stop'?

100

A method of reporting an issue which you believe to be a breach of our Code, policies or standards, and where you do not feel speaking to someone inside Diageo.

What is SpeakUp?

100

Manipulating engine software in TDi diesel cars and violating emission standards by fitting a 'defeat device'

What is Volkswagen accused of doing?

200

A person accountable for an information asset. They are also accountable for creating an information asset inventory for their area and keeping it up-to-date.

What is an information asset owner?

200

"We respect and protect the personal information that we handle in our business activities"

What is the first sentence of the Data Privacy global policy?

200

A due diligence program that requires us to understand the ownership and true identity of our customers, and can identify any potential sanctions or money laundering risks.

What is Know Your Customer (KYC) ?

200

Act like an owner; be restless and agile, be bold in execution and be obsessed with winning; everyone sells or helps sell.

What are our essential behaviours outlined in our Performance Ambition?

200

Wide-spread prosecution, with fines (of up to 18 billion US dollars (£11.6 billion) in the US alone), hit to company shares (which fell 19% and damage to reputation.

What is the damage to VW? (reputational / financial)

300

The email address for the Computer Security Incident Team. They should be contacted to report information security weaknesses, failures or incidents during your everyday work via email.

What is csi@diageo.com?

300

Information relating to a an individual's health, race, political opinions, religious beliefs, sexual life, criminal records or suspected criminal activity and, in many countries, trade union membership.

What is (defined as) sensitive personal information?

300

Small payments or gifts given to a Government Official in order to get the official to do something within their official duties, for example, release a cargo shipment or issue a visa.

What is a 'facilitating' or 'grease' payment?

300

A global programme for all employees dedicated to the promotion of responsible alcohol consumption through communication, education and the sharing of best practice.

What is DRINKiQ?

300

11 million diesel vehicles (at least) worldwide

What is the number of diesel cars Volkswagen admitted to fitting with the 'defeat device'?

400

A list detailing retention and disposal periods.

What is an information asset inventory?

400

An agreement needed when transferring data out of one country or group and into another.

What is an Intra Group Transfer Agreement (IGTA)?

400

1) Always obtain legal approval before you offer, give or pay for any gifts or entertainment to a government official; 2) Never offer or accept cash or cash equivalents as a gift under any circumstances; 3) Obtain your line manager's approval before offering to or accepting from an external party, and 4) Keep transparent and accurate records.

What are the four G&E rules?

400

Zero

What is Diageo's tolerance to retaliation against anyone reporting a concern?

400

Martin Winterkorn

What is the name of the Volkswagen's CEO who resigned in September 2015?

500

A suspension or hold on the disposal of specific information because it might be relevant to a pending or on-going litigation, regulatory or tax investigation.

What is a legal hold?

500

A legal requirement when processing personal information of any EU resident citizens, even if from outside the EU (e.g. a new third party service provider, new technology, product or service)

What is a Privacy Impact Assessment (PIA)?

500

A global standard that sets out the approval process and guidance for those areas where Diageo (the “Group”) undertakes significant financial commitments outside normal day-to-day trading activities. It is divided into sections reflecting the types of business scenarios where approval limit decisions may be required.

What is the Statement of Authorities (SoA)?

500

An occupational health and safety programme launched in 2007 with the ambition that 'everyone goes home safe, every day'.

What is Diageo's Zero Harm programme?

500

'Dieselgate'

What is the name given to the VW scandal by the press/media?