Free IAPP CIPP-US Exam Questions

Become IAPP Certified with updated CIPP-US exam questions and correct answers

Page: 1 / 41

Total 201 Questions | Updated On: Jan 27, 2026

Add To Cart

Question 1

Which jurisdiction must courts have in order to hear a particular case?

A : bject matter jurisdiction and regulatory jurisdiction

B : bject matter jurisdiction and professional jurisdiction

C : rsonal jurisdiction and subject matter jurisdiction

D : rsonal jurisdiction and professional jurisdiction

Answer: C

Question 2

What is the main purpose of the Global Privacy Enforcement Network (GPEN)?

A : promote universal cooperation among privacy authorities

B : investigate allegations of privacy violations internationally

C : protect the interests of privacy consumer groups worldwide

D : arbitrate disputes between countries over jurisdiction for privacy laws

Answer: A

Question 3

A company based in United States receives information about its UK subsidiary’s employees in connection with

the centralized HR service it provides.

How can the UK company ensure an adequate level of data protection that would allow the restricted data

transfer to continue?

A : signing up to an approved code of conduct under UK GDPR to demonstrate compliance with its requirements, both for the parent and the subsidiary companies

B : revising the contract with the United States parent company incorporating EU SCCs, as it continues to be valid for restricted transfers under the UK regime

C : By submitting to the ICO a new application for the UK BCRs using the UK BCR application forms, as their existing authorized EU BCRs are not recognized.

D : allowing each employee the option to opt-out to the restricted transfer, as it is necessary to send their names in order to book the sales bonuses.

Answer: B

Question 4

An organization self-certified under Privacy Shield must, upon request by an individual, do what?

A : pend the use of all personal information collected by the organization to fulfill its original purpose

B : ovide the identities of third parties with whom the organization shares personal information.

C : ovide the identities of third and fourth parties that may potentially receive personal information

D : Identify all personal information disclosed during a criminal investigation

Answer: B

Question 5

Edward Snowden’s revelations regarding government programs collecting massive amounts of information about U.S. citizens and noncitizens led to the passage of which law?

A : bersecurity Information Sharing Act of 2015

B : reign Intelligence Surveillance Act

C : USA FREEDOM Act

D : OUD Act

Answer: C

Page: 1 / 41

Total 201 Questions | Updated On: Jan 27, 2026

Add To Cart