General Data Protection Regulation (GDPR) Officer

The General Data Protection Regulation (GDPR) is a regulation that will enforce a stronger data protection regime for organizations that operate in the European Union (EU) and handle EU citizens’ data. GDPR constitutes the protection of personal data of employees, customers and others.

In case organizations fail to comply with this regulation, they will be subject to heavy fines and damaged reputation. Considering that personal data represents critical and sensitive information that all organizations should protect, such a regulation will help put in place appropriate procedures and controls to prevent Information Security breaches. By May 2018, all organizations that operate in the EU should comply with this regulation..

Who Should Attend:

• Project managers or consultants wanting to prepare and to support an organization in the implementation of the new procedures and adoption of the new requisites presented in the GDPR, which will come into force and effect by the 25th May 2018
• DPO and Senior Managers responsible for the personal data protection of an enterprise and the management of its risks.
• Members of an information security, incident management and business continuity team.
• Expert advisors in security of personal data.
• Technical experts and compliance experts wanting to prepare for a Data Protection Officer job

Course Duration:

• Day 1: Introduction to the GDPR and initiation of the GDPR Compliance
• Course objective and structure
• General Data Protection Regulation
• Initiating the GDPR Implementation
• Understanding the Organization and Clarifying the Data Protection Objectives
• Analysis of the Existing System
• Day 2: Plan the implementation of the GDPR
• Leadership and approval of the GDPR Compliance Project
• Data Protection Policy
• Definition of the Organizational Structure of Data Protection
• Data Classification
• Risk Assessment under the GDPR
• Day 3: Deploying the GDPR
• Privacy Impact Assessment (PIA)
• Design of Security Controls and Drafting of Specific Policies & Procedures
• Implementation of Controls
• Definition of the Document Management Process
• Training and Awareness Plan
• Day 4: Monitoring and continuous improvement of GDPR compliance
• Operations Management
• Incident Management
• Monitoring, Measurement, Analysis and Evaluation
• Internal Audit
• Data breaches and corrective actions
• Competence, Evaluation and Closing the Training
• Day 5: Certification Exam