AUDIT IN PRIVACY. WORKSHOP
ANALYSIS METHODOLOGIES AND CONTROL FLOWS
START TIME 10:00 | BREAK TIME 13:00-14:00 | END TIME 17:00
THE WORKSHOP
What is an Audit? Why conduct an Audit? How is an audit conducted? How is it scheduled? What are the differences between first, second and third party audits?
The 6-hour Audit in Privacy workshop will delve into these conceptIons, how first-part audits (internal audits of the organization's privacy system) and second-part audits (at vendors) work.
Learning how to perform first- and second-party audits is a must for the DPO, legal and compliance departments.
Understanding the techniques of Audit elements rules that regulate it, knowing how to identify the company's critical assets and identify weaknesses is also important for the data controller, who is held accountable for all those who, on its behalf, process personal data.
Holders will be able to use audit techniques as an element to substantiate their accountability.
Auditors will learn how to prepare audit plans, reports and how to properly handle findings (compliance, observations and comments).
DPOs will know how to propose and how to read an audit.
Protecting and securing the privacy system, is not limited to one's own organization, but branches out to all the components that come into play in data management.
In the private sphere and, in particular, in the public sphere, it is necessary to properly measure one's internal level of GDPR compliance and, consecutively, to choose the vendor on the basis of the privacy guarantees provided and to know how to carry out a screening activity that can provide high guarantees.
PROGRAM
- Audits under GDPR
- When an audit is needed,
- The standard 19011 2018
- The ISO 17065 standard
- EDPB guidelines
- How to organize an audit
- Audit planning : how , what and how much to sample
- Calculation of time
- The audit plan
- The checklists
- The collection of evidence
- How to fill out the experience report
- The audit team :the lead auditor and audit team management
- The skills of those performing the audit
- The norms that help us
- The forms
- ISDP Guidelines©10003
TO WHOM IT IS ADDRESSED
- DPO
- Manager Privacy
- Managers
- Legal Offices
- Internal Auditor
- ISDP Auditor©10003
- Consultants
- Privacy Expert
- Privacy Specialist
- Security Manager
- Security Consultant
- Data controllers
- Legal
- HR manager
LECTURER:
Riccardo Giannetti: Scheme Owner & Training Manager Inveo srl
HOW TO PARTICIPATE IN LIVE STREAMING:
The workshop will be live streamed through the GoToMeeting platform, number #1 in learning, conference and webinar services.
We chose GoToMeeting to foster and maintain direct contact with the speaker, as in classroom training courses.
- All you need to participate is an Internet connection. A high-speed connection will allow for better performance.
- An e-mail address is required for each participant. Inveo will use this address to send an e-mail with an invitation link to the course, operational instructions for access, and the course materials in electronic format.
Once you have made your payment you will receive all the instructions and how to access the room via email.
TEACHING MATERIALS:
Course materials with course slides will be emailed in .pdf format prior to the start of the workshop.
THE QUALIFICATION OF THE WORKSHOP:
Online Final Examination
- Certificate of Competence, upon passing the final examination
- Certificate of Attendance, in case the final exam is not passed.
The link to the final test will be sent at the conclusion of the course to the email provided during registration.
ONLINE WORKSHOP REGISTRATION
Dates being planned