Data Security Assessment Please enable JavaScript in your browser to complete this form.Please enable JavaScript in your browser to complete this form.Your email address * in of practice Question 1: Which of the following statements on the types of information used in local government is correct? Tick one option from the answers listed below. *Personal information applies only to living peoplePersonal information applies only to residentA person’s name and address are needed for them to be identifiedAn unusual name will not identify an individualAnonymised information cannot be personal or confidentialQuestion 2: Which of the following statements on the topic of confidentiality is correct? Tick one option from the answers listed below. *It is not necessary to explain how someone’s personal information will be usedIt is not necessary to give them a choice about how their personal information is usedIt is not necessary to tell them before their personal information is shared for the first timeIt is not necessary to get consent every time you subsequently share someone’s personal information for the same purposeQuestion 3: Which of the following statements on the Data Protection Act 1998 is correct? Tick one option from the answers listed below. *The Act only applies to resident or service user informationThe Act only applies to personal information in digital formThe Act prevents information being shared for local government purposesOrganisations can be fined or face legal action for breaching the principles of the ActQuestion 4: Which of the following statements on the Freedom of Information Act is correct? Tick one option from the answers listed below. *The Act puts a duty on organisations to supply information to individuals who make a written requestIndividuals can submit a request for information in writing or over the telephoneOrganisations must respond to a valid request within 10 working daysIf necessary, organisations have a duty to create new information in order to meet a FOI requestQuestion 5: Which of the following represents an example of good practice in record keeping? Tick one option from the answers listed below. *Storing commonly used records in your drawerUse a unique reference for each entryCreating duplicate records for each personPreventing people from checking their own detailsUpdating records at the end of each monthQuestion 6: Which of the following represents an example of good practice in physical security? Tick one option from the answers listed below. *Having a sign-in procedure for visitorsSharing your ID badge with a colleague who has forgotten hisPropping open fire doors when the weather is warmLeaving service user records on your desk in case you need them laterQuestion 7: Which of the following should not be used to send personal information unless absolutely necessary? Tick one option from the answers listed below. *PostEmailFaxTelephoneQuestion 8: Which of the following is likely to increase the risk of a breach when sending personal information? Tick one option from the answers listed below. *Using a trusted postal courier serviceVerifying the identity of telephone callersUsing a secure email systemLeaving messages for telephone callersEncrypting any personal informationQuestion 9: Which of the following statements best describes how to respond to an incident? Tick one option from the answers listed below. *All incidents should be reportedAn incident should be reported only if it results in personal information being revealedAn incident should be reported only if it results in personal information being lostAn incident should be reported only if it results in harm to a service userThere is no need to report an incidentQuestion 10: Which of the following is least likely to create a security risk? Tick one option from the answers listed below. *Leaving sensitive documents on your deskUsing a council USB at workUsing an unauthorised mobile phone for work mattersLeaving a restricted access door openQuestion 11: Which of the following is characteristic of a secure password? Tick one option from the answers listed below. *No more than 5 characters in lengthContains your usernameContains a mix of character typesSimilar to previous passwordsQuestion 12: Under which of the following circumstances is it acceptable to use your work-provided digital asset for personal browsing? Tick one option from the answers listed below. *To connect to your personal webmailIf you don’t stay online too longWhen you are working outside the office or homeOnly if you have been authorised to do so by your organisationQuestion 13: Which of the following is the best course of action if you receive a phishing email? Tick one option from the answers listed below. *Reply to the emailForward the email to your colleaguesNotify your IT department/providerOpen the attachmentsClick on the links in the emailQuestion 14: Consider the following statement. “If your computer is running slowly you should disable the anti-virus software.” Tick one option from the answers listed below. *This statement is trueThis statement is falseQuestion 15: Which of the following represents an example of good practice in data security? Tick one option from the answers listed below. *Attaching unauthorised equipment to your work-provided digital assetUpdating the anti-virus software on your work-provided digital assetUsing your work-provided digital asset for personal reasons not consistent with your organisation’s policyDownloading software or data from the Internet to your work-provided digital assetConnecting your work-provided digital asset to an unknown networkTest Completed *Thank you for completing the assessment. Your scores will be available via Clerk. Submit Share this page - Opens in new window
