ISO in the Sun: PECB EU General Data Protection Regulation (GDPR) Data Protection Officer

This five-day course provides an overview to the requirements of the GDPR in force and applicable since 25th May 2018, and how to implement the same in an organization dealing with data subjects in the European Union.

Overview:
This five-day course enables participants to develop the necessary knowledge, skills, and competence to effectively implement and manage a compliance framework with regards to the protection of personal data.

By mastering all the necessary concepts of EU General Data Protection Regulation (GDPR), participants will gain a thorough understanding of the gap between the GDPR and the current organizational processes including privacy policies, procedures, working instructions, consent forms, data protection impact assessments, in order to assist organisations in the adoption process to the new regulation.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline:
Introduction to GDPR Essentials
Fundamental Principles of the GDPR
Initiating the GDPR Implementation
Understanding the Organization
Clarifying the Data Protection Objectives
Analysis of the Existing System
Planning the Implementation of the GDPR
Leadership and Project Approval
Data Protection Policy
Definition of the Organizational Structure
Data Classification
Risk Assessment under the GDPR
Deploying the GDPR
Privacy Impact Assessment (PIA)
Design of Security Controls and Drafting of Specific Policies
Implementation of Controls
Definition of the Document Management Process
Communication, Training and Awareness Plan
Monitoring and Improving the GDPR compliance
Operations and Incident Management
Monitoring, Measurement, Analysis and Evaluation
Internal Audit
Data Breaches and Corrective Actions
Continual Improvement

Objectives:
Completion of this course will enable students to:
Gain a comprehensive understanding of the concepts and approaches of the GDPR
Understand the new requirements that the GDPR brings for EU and non-EU organisations and when it is necessary to implement them
Manage a team implementing the GDPR
Gain the knowledge and skills required to advise organisations on how to manage personal data

Audience:
This course is aimed at students with (future) roles like:

Project managers, consultants, advisors, and team members implementing the GDPR
Data Protection Officers and senior managers responsible for the personal data protection
Members of information security, incident management and business continuity teams

Prerequisites:
General understanding of common business processes.

Some past exposure to data protection helpful, but not required.

Examination and Certification:
The course includes access to PECB's three-hour exam available in multiple languages to be taken online on the last day or any time after the course (own laptop required). Exam and first-year certification fees are included in the course fees.

This course is designed by PECB in Canada, who also mark the exam and issues respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.