The cart is empty

GDPR Internal Auditor Course


The General Data Protection Regulation (EU) 2016/679 ("GDPR") was adopted on April 2016 and became enforceable beginning on the 25th of May 2018. The Regulation aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

GDPR analyses the principles of, and rules on the protection of natural persons with regard to the processing of their personal data. In terms of personal data protection management, internal audits help organizations to detect and prevent issues, test internal control, and monitor compliance with the GDPR .

 

Acquire the necessary skills and knowledge towards GDPR compliance.

Expand your ability to effectively conduct internal audits and train your company’s auditors to meet the requirements of the General Data Protection Regulation with our GDPR Internal Auditor training course.

 

Aims & Objectives
  • Identify the key requirements of General Data Protection Regulation
  • Familiarize with the rights of data subjects and their relevance in daily life
  • Application of compliance mechanisms
  • Cover the rules regarding international data transfers under the GDPR
  • Show how to audit GDPR as a data protection management system
  • Interpret GDPR requirements for internal audit application
  • Provide the latest internal auditor techniques and identify appropriate use

 

Learning Outcomes

Having successfully completed this course you will be able to:

  • Demonstrate knowledge on the principles, roles, responsibilities and processes under the Regulation
  • Demonstrate understanding on the obligations of data controllers and processors
  • Protect your rights as data subject and personal data from unlawful processing
  • Apply control measures and compliance mechanisms
  • Grasp the main concepts such as risk-based thinking, process approach, Plan-Do-Check-Act, and the 7 management principles
  • Enhance skills to conduct effective audits in any auditing situation
  • Identify easier opportunities to improve the Data Protection of your company
  • Plan, conduct, report and follow up an internal audit in accordance with the GDPR
  • Understand the role of an auditor to plan, conduct, report and follow up an audit in accordance with the GDPR
  • Establish and plan the activities of an audit team
  • Communicate effectively with the auditee and audit client
  • Organise and direct audit team members

 

Who should attend?
  • Any company, big or small, which processes personal data within the EU
  • Company executives
  • Management representatives
  • HR and IT directors
  • External appointed auditors
  • Company internal auditors
  • Anyone who wishes to understand the GDPR audits and application

 

Prerequisite skills & knowledge: None required

 

Available in-house/distant learning? Yes

 

Created by: LiberoAssurance Accredited Training Centre

 

Part A:
Introduction to the General Data Protection Regulation
  • General Data Protection Regulation
  • Definitions
  • Why is the GDPR necessary?
 
Regulations’ analysis
  • Personal Data
  • Controller
  • Processor
  • Principles relating to processing of personal data
Lawfulness of Processing
  • Conditions for Lawful Processing
  • Conditions for consent
  • Processing which does not require identification
Codes of Conduct and Certification
  • Codes of conduct
  • Monitoring of approved codes of conduct
  • Certification
  • Certification bodies
Transfers of personal data to third countries or international organisations
  • General principle for transfers
  • Transfers on the basis of an adequacy decision
  • Transfers subject to appropriate safeguards
  • Binding corporate rules
  • Transfers or disclosures not authorized by Union law
  • Derogations for specific situations
Remedies, liability and penalties
  • Right to lodge a complaint with a supervisory authority
  • Right to an effective judicial remedy against a supervisory authority
  • Right to an effective judicial remedy against a controller or processor
  • Representation of data subjects
  • Right to compensation and liability
  • General conditions for imposing administrative fines
  • Penalties

 

Part B:
Security of personal data
  • Security of processing
  • Notification of a personal data breach to the supervisory authority
  • Communication of a personal data breach to the data subject
  • Personal Data Hazards
  • Dealing with hazards
  • Information Security Management Systems - ISO 27001
 
 
Data Protection Officer (DPO)
  • Designation of the data protection officer
  • Position of the data protection officer
  • Tasks of the data protection officer (DPO)
  • Data protection officer’s skills and education
  • Data protection officer and conflict of interests
  • Internal or external DPO?
GDPR as a Personal Data Protection Management System
  • Data Protection Management System
  • Basic Procedures of a Data Protection Management System
  • Supportive Procedures of a Data Protection Management System
Epilogue

 

Part C:
The audit
  • What is an audit?
  • Why Audit?
  • Audit Types
Internal Audit
  • Principles of auditing
  • Scheduled and unscheduled Audits
  • What to Audit – Technical Audit
  • Steps involved in internal audit
  • Scope of audit
  • Frequency of audit
  • Internal Audit process
Audit Steps
  • Performing audit activities
  • Audit Plan
  • Developing Checklists
  • Opening Meeting
  • Conducting the Audit
  • Recording Results
  • Non-Conformities & Non-Compliances
  • Closing Meeting (s)
  • Audit Report
  • Audit Follow-up Activities
Audit Programme
  • Establishing the Audit programme objectives
  • Identifying and evaluating audit programme risks
  • Process flow for the management of an audit programme
  • Managing an audit programme
  • Audit programme Implementation
Audit tips & techniques
  • Tips to trained internal auditor
  • Question Technique
  • Competence of the audit programme manager
Auditor’s Performance
  • Auditor’s Quality
  • The Auditors conduct
  • Auditor’s Code of Conduct
  • Auditor Characteristics
  • Auditor's personal behavior
  • Auditee’s conduct
  • Audit team leader skills
  • How to evaluate an Auditor

 

Exam & Certification
  • Exam on General Data Protection Regulation (GDPR) Internal Auditor
  • “General Data Protection Regulation (GDPR) Internal Auditor” Certificate
Teaching Methods
  • Detailed seminar presentations (available for download)
  • No. of slides: 277

 

Resources
  • Reading lists and resources available in presentations

 

Study time allocation
  • Private study hours: 33
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment duration: 90 days (from the date of purchase)
Credits
  • CPD Points: 33
  • ECTS/ECVET Points: 1.1

 

Assessment methods

Hours

% contribution to final mark

% Minimum passing grade

Exam on General Data Protection Regulation (GDPR) Internal Auditor

1

100

60

Outcomes/Certificates

Upon successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’.

 

Accreditation by EOPPEP


LiberoAssurance has been accredited as a Continuous Professional Development Training Centre Level 1 by the National Organisation for the Certification of Qualifications & Vocational Guidance (EOPPEP).

EOPPEP is the statutory body for the development and implementation of the Hellenic Qualifications Framework (NQF) in correspondence with the European Qualifications Framework (EQF). EOPPEP is the National Coordination Point for EQF in Greece (NCP).

 

Approved courses by the Central Greece University of Applied Sciences


LiberoAssurance in cooperation with the Central Greece University of Applied Sciences offers approved courses. All participants have the option to receive double certification from the University and LiberoAssurance Training Centre.

The University of Applied Sciences of Central Greece and LiberoGroup have agreed to develop a research project the purpose of which is education, lifelong learning and specialisation of persons, to facilitate their induction in the labour market using e-learning and traditional methods of training. The ultimate aim of this cooperation is the development of a post-graduate programme in collaboration with other Academic Institutions and Ministries.

 

Accreditation by IAS and E.S.Y.D


LiberoAssurance has been accredited by the Hellenic Accreditation System (E.SY.D) which has been appointed as the National Accreditation Body of Greece.

LiberoAssurance has been accredited by the International Accreditation Service (IAS) one of the leading accreditation bodies in the United States.

 

 

 

Libero Assurance Certificate

Libero Assurance & University Certificate

 

 

 

View LiberoAssurance Certificate

View LiberoAssurance & University Certificate


170,00 €



Share

  • Comment
  • Post a comment
List of the comments:
No comments have been posted yet.

Give your advice about this item:

Username:
Captcha: