
GDPR Lead Auditor Course

The General Data Protection Regulation (EU) 2016/679 ("GDPR") was adopted in April 2016 and has been in force since 25 May 2018. The Regulation aims primarily to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying regulation within the EU. GDPR is an important tool that helps organizations enhance their performance, increase customer satisfaction and acquire a competitive advantage.

 

Acquire the necessary skills and knowledge in order to be GDPR compliant.

Gain the knowledge and skills to audit a company’s Personal Data Protection Management System with our GDPR Lead Auditor training course.

 

 

 

Aims & Objectives
  • Identify the key requirements of General Data Protection Regulation
  • Become familiar with the rights of data subjects and their relevance in daily life
  • Application of compliance mechanisms
  • Cover the rules regarding international data transfers under the GDPR
  • Show how to audit GDPR as a data protection management system
  • Interpret GDPR requirements for audit application
  • Provide the latest lead auditor techniques and identify appropriate use

 

Learning Outcomes

Having successfully completed this course you will be able to:

  • Demonstrate knowledge of the principles, roles, responsibilities and processes under the Regulation
  • Know how to prepare your company to be GDPR compliant
  • Demonstrate knowledge of the obligations of data controllers and processors
  • Protect your rights as a data subject and your personal data from unlawful processing
  • Apply control measures and compliance mechanisms
  • Grasp the main concepts such as risk-based thinking, process approach, Plan-Do-Check-Act, and the 7 management principles
  • Gain the skills to plan, conduct, report and follow up an audit in accordance with GDPR
  • Explain the role of an auditor to plan, conduct, report and follow up an audit in accordance with GDPR
  • Conduct effective audits in any auditing situation
  • Establish and plan the activities of an audit team
  • Communicate effectively with the auditee and audit client
  • Organise and direct audit team members
  • Prepare and complete the audit report
  • Use remote auditing methods

 

Who should attend?
  • Any company, big or small, which processes personal data within the EU
  • Company executives
  • HR and IT directors
  • Appointed auditors
  • Anyone who wishes to understand the GDPR audits and application
  • Anyone involved in the planning, implementing, maintaining, supervising, or auditing of a Personal Data Protection Management System
  • Anyone interested in Personal Data Protection Management Systems

 

Prerequisite skills & knowledge: None required

 

Available in-house/distance learning? Yes

 

Created by: LiberoAssurance Accredited Training Centre

 

Part A:
Introduction to the General Data Protection Regulation
  • General Data Protection Regulation
  • Definitions
  • Why is the GDPR necessary?
 
Analysis of the Regulation
  • Personal Data
  • Controller
  • Processor
  • Principles relating to processing of personal data
Lawfulness of Processing
  • Conditions for Lawful Processing
  • Conditions for consent
  • Processing which does not require identification
Codes of Conduct and Certification
  • Codes of conduct
  • Monitoring of approved codes of conduct
  • Certification
  • Certification bodies
Transfers of personal data to third countries or international organisations
  • General principle for transfers
  • Transfers on the basis of an adequacy decision
  • Transfers subject to appropriate safeguards
  • Binding corporate rules
  • Transfers or disclosures not authorized by Union law
  • Derogations for specific situations
Remedies, liability and penalties
  • Right to lodge a complaint with a supervisory authority
  • Right to an effective judicial remedy against a supervisory authority
  • Right to an effective judicial remedy against a controller or processor
  • Representation of data subjects
  • Right to compensation and liability
  • General conditions for imposing administrative fines
  • Penalties

 

Part B:
Security of personal data
  • Security of processing
  • Notification of a personal data breach to the supervisory authority
  • Communication of a personal data breach to the data subject
  • Personal Data Hazards
  • Dealing with hazards
  • Information Security Management Systems - ISO 27001
 
 
Data Protection Officer (DPO)
  • Designation of the data protection officer
  • Position of the data protection officer
  • Tasks of the data protection officer (DPO)
  • Data protection officer’s skills and education
  • Data protection officer and conflict of interests
  • Internal or external DPO?
GDPR as a Personal Data Protection Management System
  • Data Protection Management System
  • Basic Procedures of a Data Protection Management System
  • Supportive Procedures of a Data Protection Management System
Epilogue

 

Part C:
The audit
  • What is an audit?
  • Why Audit?
  • Audit Types
Audit Steps
  • Audit Plan
  • Developing Checklists
  • Opening Meeting
  • Conducting the Audit
  • Closing Meeting
  • Audit Report
  • Audit Follow-up Activities
Audit Programme
  • Establishing the Audit programme objectives
  • Identifying and evaluating audit programme risks and opportunities
  • Process flow for the management of an audit programme
  • Managing an audit programme
  • Audit programme Implementation
  • Process of collecting and verifying information
  • Monitoring audit programme
  • Improving audit programme
Accreditation & Certification
  • Accreditation & Certification Bodies
  • Certification Process
Auditor’s Performance
  • Auditor’s Quality
  • The Auditor’s conduct
  • Auditor’s Code of Conduct
  • Auditor Characteristics
  • Auditor's personal behavior
  • Auditee’s conduct
  • Selecting the audit team members
  • Skills of audit team leaders
  • How to evaluate an Auditor
  • Maintaining and improving auditor competence
Psychological factors during an audit
  • Attitudes and relationships
  • Obstacles & communication
  • Space & Time issues
  • Body language
  • Cultural factors
  • Principles of Listening
  • Questions & questioning
Audit tips & techniques
  • Tips for the trained internal auditor
  • Question Technique
  • Competence of the audit programme manager

 

Exam & Certification
  • Exam on General Data Protection Regulation (GDPR) Lead Auditor
  • “General Data Protection Regulation (GDPR) Lead Auditor” Certificate
Teaching Methods
  • Detailed seminar presentations (available for download)
  • No. of slides: 289

 

Resources
  • Reading lists and resources available in presentations

 

Study time allocation
  • Private study hours: 48
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment duration: 90 days (from the date of purchase)

 

| Assessment methods | Hours | % contribution to final mark | % Minimum passing grade |
|---|---|---|---|
| Exam on General Data Protection Regulation (GDPR) Lead Auditor | 1 | 100 | 60 |

Outcomes/Certificates

Upon successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’.

 

Accreditation by EOPPEP


LiberoAssurance has been accredited as a Continuous Professional Development Training Centre Level 1 by the National Organisation for the Certification of Qualifications & Vocational Guidance (EOPPEP).

EOPPEP is the statutory body for the development and implementation of the Hellenic Qualifications Framework (NQF) in correspondence with the European Qualifications Framework (EQF). EOPPEP is the National Coordination Point for EQF in Greece (NCP).

 

Approved courses by the Central Greece University of Applied Sciences


LiberoAssurance in cooperation with the Central Greece University of Applied Sciences offers approved courses. All participants have the option to receive double certification from the University and LiberoAssurance Training Centre.

The University of Applied Sciences of Central Greece and LiberoGroup have agreed to develop a research project the purpose of which is education, lifelong learning and specialisation of persons, to facilitate their induction in the labour market using e-learning and traditional methods of training. The ultimate aim of this cooperation is the development of a post-graduate programme in collaboration with other Academic Institutions and Ministries.

 

Accreditation by IAS and E.SY.D


LiberoAssurance has been accredited by the Hellenic Accreditation System (E.SY.D), which has been appointed as the National Accreditation Body of Greece.

LiberoAssurance has been accredited by the International Accreditation Service (IAS), one of the leading accreditation bodies in the United States.

 

 

 

gdpr_lead

190,00 €


