With the General Data Protection Regulation (GDPR) compliance deadline of May 2018 looming, many organizations find themselves at a compliance crossroads. Where processes and procedures have been created or amended to comply with the regulations, organizations are frequently uncertain whether the measures they have implemented will be sufficient to meet their compliance obligations.
Our two-day GDPR Auditor and Self-assessment training course is designed to help remove that uncertainty. The course is aimed at stakeholders within organizations who are accountable for ensuring compliance with the GDPR.
By attending this course you will be better prepared to carry out a review of how an organization has interpreted and implemented the new regulation.
This course will position attendees to start a self-assessment exercise of their own organization, and ultimately allow them to provide assurance to senior management and boards of directors on compliance practices within their own organizations.
The focus of the course is not specifically on auditing whether compliance has been achieved at a single point in time on a gap analysis basis; rather, efforts will be focused on how organizations should build in “3rd line of defence” practices to ensure compliance on an ongoing, continuous assessment basis.
Who should attend?
The course content is aimed at a practitioner level, or at those with some pre-existing knowledge of the GDPR regulations (for example, attendees of BSI’s EU General Data Protection Regulation Foundation training course). The course is aimed primarily at those who currently have a role in compliance, data protection or information security and need to understand how to assess compliance with the regulations. Similarly, the course would prove beneficial to those with accountability for project management of the GDPR implementation process.
Suggested job roles and their teams include:
- Information security managers
- Data protection officers
- IT and corporate security managers
- Corporate governance managers
- Risk and compliance managers
- Project managers on GDPR implementation projects
- Internal legal teams
- Gain a good comprehension of the updated concepts and principles and the application of them in the GDPR
- Be able to understand the application of the GDPR in practice, in areas including privacy impact assessments, privacy by design, audits and data breaches.
- Be able to review the appropriateness of the design of the policies, procedures, controls and practices within their own organization.
- Be able to assess the effectiveness of the operation of those policies, procedures, controls and practices within their own organization.
- Be armed to reach conclusions on points of interpretation of the law, and to ensure policies, procedures and practices within their own organization have been
- Gain the confidence to interpret data protection regulations
- Have greater ability to identify potential non-compliances with the GDPR
- Obtain an understanding of typical approaches adopted by other organizations when achieving compliance and how these may benefit your own organization.
- Attendees will be enabled to provide assurance to senior management and boards of directors on compliance practices within their organizations.
- Course Notes / Material
- Certificate of attendance