Course Code
gdpraudit
Duration
14 hours (usually 2 days including breaks)
Requirements
None.
Overview
This course is designed primarily for auditors and other administrative roles who are
tasked with ensuring that their control systems and IT environment comply with prevailing laws and
regulations. The course begins by explaining key GDPR concepts and how the Regulation will
affect the work performed by auditors. Participants will also explore data subjects' rights,
data controllers' and processors' obligations, and enforcement and compliance in the
context of the Regulation. The training also covers the audit program provided by ISACA, which
enables auditors to review GDPR governance and response mechanisms as well as the supporting
processes that help manage the risk associated with noncompliance.
Course Outline
- Introduction to data protection and GDPR
- Key concepts and definitions
- Privacy and data protection
- Privacy by Design
- The GDPR and its scope
- Key data protection roles
- 6 data protection principles
- Data subjects' consents and data processing
- Transparency and modalities
- Rights of access, rectification, objection and restriction of processing
- Rights to erasure and data portability
- Rights regarding complaints, judicial remedies, automated individual decision-making, representation and compensation
- Restrictions of rights
- Controllers and processors
- Controller's obligations and responsibilities
- Joint controllers
- Processor's obligations and responsibilities
- Information, notification and record keeping
- Data Protection Impact Assessments (DPIA)
- Data Protection Officer (DPO) and his role in carrying out DPIA












