SSPA

Background

Data Subjects

Do's and Don'ts

Section J

Super Bowl

100

Abbreviation definition for DPR

What are Data Protection Requirements?

100

Data Subjects Rights

What is rights to access, delete, edit, export, restrict, and object to Processing of their Personal Data?

100

Data Subjects Policy

Why can we send a data subjects policy template?

100

Number of section J requirements

What are 19 requirements?

100

Teams in Super Bowl LIV

Who are the San Francisco 49ers and Kansas City Chiefs?

200

Number of requirements

200

Controller

Who are individuals that determine the purposes and means of the Processing of Personal Data?

200

Attestation vs Validation

What is validation?

200

Data Breach Customer Alert Timeframe

What is 72 hours?

200

Baltimore Ravens 2013

Who are the Super Bowl XLVII champions?

300

Confidential DPR review

What are sections A, E, and J?

300

Process

What are operations performed on personal or confidential data?

300

Can't Send Templates

What is a disaster recovery plan and incident response plan?

300

Ways to be exempt from section J with Microsoft approval

What is ISO 27001 or SOC 2?

300

Team to lose most Super Bowls

Who are the Denver Broncos?

400

Abbreviation for SSPA

What is Supplier Security & Privacy Assurance?

400

Data Breach

What is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal or confidential data?

400

Vulnerability Scans

Why can we not conduct vulnerability scans for a vendor?

400

Asset inventory requirements

What is location of device, data classification, record of asset recovery, and record of disposal of data storage media?

400

First team to win 5 Super Bowls

Who is the San Francisco 49ers?

500

DPR applicability

Who are Microsoft suppliers that process personal or confidential data?

500

Requirements for data subject records

What is the data and time of the request, actions taken to respond to the request, and record of when Microsoft was informed?

500

Password reset policy: 180 days due to NIST standards

What is a correct exemption from the password 90 day reset policy?

500

The 4 requirements to approve a disaster recovery plan

What are critical system definitions, list of critical systems, defined disaster recovery procedures, and documented annual testing?

500

4 teams who have never reached the super bowl

Who are the Buffalo Bills, Cleveland Browns, Houston Texans, and Jacksonville Jaguars?