ISDP©10003:2015 MODULES 3-4-5

24-hour course + 2 progress tests

MODULE 3

OBJECTIVE

The aim of this module is to enable participants to establish the general responsibilities of the data controller who has personal data processed directly or by others on the data controller's behalf. Participants will be able to assess the proper awareness and the suitability and effectiveness of procedures which the data controller should put into place to assess and prevent risks connected to processing private data. Methods will be studied to objectively assess the probability and the seriousness of risks in order to mitigate their potential effects.
Risk Assessment is a process made up of four phases: identifying risk, characterising risk, assessing exposure to risk, mitigating risk.

PROGRAMME

  • Assessment in terms of the origin of risk
  • Introduction to ISO/IEC 31000
  • How to carry out a risk assessment
  • Adopting suitable internal practices in order to prevent, mitigate and/or eliminate risks that threaten data
  • Possible guidelines issued by the authority
  • Ways to establish whether data processing carries a risk or a high risk
  • Ways to perform maintenance, periodic checks
  • Analytical assessment for audits carried out on the risks of loss, modification, disclosure or illicit access of personal data

LEARNING ASSESSMENT TEST

Written multiple-choice test*

*If the test is not passed, it can be retaken online after 30 days


MODULE 4

OBJECTIVE

The objective of the course is to provide Auditors and Lead Auditors with certain techniques that can increase observance of the Regulation should processing present a high risk to a natural person's rights and freedoms. It covers the methods for carrying out a proper impact assessment (DPIA) in order to determine the particular nature and severity of risk.

PROGRAMME

  • Assessment of suitability
  • When it is necessary to perform a DPIA
  • Performing an Impact Assessment (DPIA) outside of the cases in which it is mandatory
  • Assessment regarding the origin, particular nature and severity of risks to freedoms and rights
  • How to carry out an Impact Assessment
  • Which methodologies and tools can be used
  • Risk and High Risk
  • Mitigating risks, available technologies and implementation costs
  • Possible regulatory authority consultation

LEARNING ASSESSMENT TEST

Written multiple-choice test*

*If the test is not passed, it can be retaken online after 30 days


MODULE 5

OBJECTIVE

What is the operational implementation going to look like with the European Regulation? The last module in the ISDP course puts the role of the DPO at its heart, through a 360° screening of this role, the expertise needed, the tasks involved with regard to data protection in the GDPR, and the cooperation with, and information flows to and from, auditors.

PROGRAMME

  • Professional qualities of a DPO
  • Article 5
  • Accountability
  • The DPO and the audit
  • Audit regulatory system
  • Data quality verification and assessment methodologies
  • DPO guidelines
  • Case Histories and operational issues

COURSE MATERIALS

The slides used during the course and technical-operational templates will be provided.

 

 


14-15-16 May ROME

ISDP©10003:2015 European Privacy Auditor training course | Modules 3-4-5

METHODS OF PAYMENT

1900 € + VAT 22%

CREDIT TRANSFER