€800,00 (€968,00 incl. VAT)
€600,00 (€726,00 incl. VAT)
€900,00 (€1.089,00 incl. VAT)
€700,00 (€847,00 incl. VAT)
13 May 2024 - 09:00
13 May 2024 - 17:00
Auditing GDPR maturity and compliance
This training class helps you to understand, and be able to develop a risk-based audit approach to assess compliance with the GDPR and data protection procedures. The GDPR introduced additional responsibilities for organisations processing personal data and assigned more rights to the individuals whose personal data is processed. This requires the implementation of additional processes and robust procedures and is not at all limited to IT security.
Basic GDPR principles will be discussed and clarified through the use of practical cases so that participants understand the essential control objectives and required controls. The training will also cover several Data Protection maturity assessment models that can assist with a broad and efficient screening of the overall maturity and to quickly identify blind spots and poor controls.
Participants will be coached on the development of compliance audit programs for specific high-risk GDPR provisions such as data subject rights, 3rd party processors of personal data, handling of data breaches and records of processing activities. This will happen through a series of exercises, feedback sessions and class discussions.
Internal auditors, audit managers and directors with a keen interest to gain an in-depth understanding of the GDPR implications on an organisation’s data protection procedures and how Internal Audit can provide independent assurance over the key risks relating to the GDPR.
• Obtain profound knowledge on data protection key risk areas and processes in order to understand key areas to focus on during audits.
• Learn how to use good practice checklists to help you secure your organization, protect your customers’ data, and avoid costly fines for non-compliance.
• Receive guidance on audit tools and techniques which will enhance the efficiency and effectiveness of auditing GDPR compliance.
• Accountability and governance around the DPO function, privacy policies and training
• Processing principles such as data minimization, legitimate purposes, lawful processing, appropriate technical or organizational measures to ensure security of personal data.
• Audit tools and techniques to evaluate the design and good functioning of processes and controls around the key GDPR