1. How does the EU directive on the protection of personal data impose requirements on organizations in non-EU countries?"
2. How does Kraft comply with EU data privacy regulations governing the protection of employee data?
3. The EU directive requires "appropriate technical and organizational controls" to be in place to protect the confidentiality and integrity of personal data. How can an organization determine whether its security controls are appropriate?
4. What user access controls are in place for the UPPS and SAP HR systems?
5. How does Kraft implement the following access controls: and role-base access control?
6. Identify at least ten examples of specific HR data that are considered sensitive at Kraft Foods.
7. What is the purpose of Kraft's Code of Conduct for compliance and integrity? How is the information distributed to Kraft employees?
8. Why is Kraft moving away from the use of employee social security numbers for user identification on UPPS?
9. Through the UPPS, Kraft provides its employees online access to their own employee data. Why would Kraft do this?
10. Why would Kraft want to move all of its North American HR transactions from UPPS to SAP HR?