Proving Privacy - Assurance, Standards and Certification: All you need to know
You’ve developed a kick ass privacy programme – but how do you prove it?
This is a course where we discuss all the mechanisms that can grant your stakeholders confidence in your approach to privacy – from measurement and metrics to audit and assurance.
We identify who the stakeholders are, and what mechanisms give them confidence in your approach to privacy, and what the Accountability requirements of the applied GDPR require you to document.
Processor and Vendor management is a key area to many organisations, so we practically discuss what levels of assurance you should look for from your third party suppliers and partners, and how this varies dependant on risk.
We also focus on the emerging areas of certifications, through both the Supervisory Body and the National Accreditation body routes mentioned in the Applied GDPR, including looks at BS 10012, ISO 27552, ISO 29100- the difference between privacy and security certifications such as ISO 27001 (for information security elements), and how to choose and obtain any relevant commercial “badges” to demonstrate your management of personal data.”
|9:00 - 9:30||Arrival and registration|
|9:30- 11.00||Why Assurance?
- GDPR requirement art 24
- Supply chain/Vendor requirements
- Customer assurance
- Management Assurance
What level of Assurance?
- What Value is placed on assurance?
|11.00 – 11:15||Refreshment Break|
|11.15 – 13.00||Management System Approach
- Metrics and Measurement
-- Why, What, how, when
-- 1st, 2nd and 3rd party
-- Enforced and Voluntary Regulator audits
-- Assurance from Consultants, Vendors and Privacy experts
|13.00 – 13.30||Lunch|
|13.30 – 15.00||Managing Vendors
- Risk based approach
- Contractual Provisions
- Standards in the supply chain
Certification under the GDPR
- via Supervisory
- via national accreditation
- EDPB guidance to certification
|15:00 - 15:15||Refreshment Break|
|15:15 - 16:30||Standards
- Industry standards/Vendor standards and Codes of Practices
- How standards work: Accredited Certification
- ISO 27001
- Security vs Privacy
- British, but with GDPR in mind
- ISO 27552
- ISO standard as an add on to ISO 27001
- ISO 29100
- How to get a badge
|16:30||Finish & Close|
|London||29th September 2019|
|Manchester||25th October 2019|
|Cardiff||21st November 2019|
Want to know more about our Trainers?
Our Trainers are amazing, between us we have over 100 years of experience working in information Governance.
Leadership Through Data provide bespoke training courses that are custom made to your needs. Bespoke courses provide an exclusive learning and development opportunity which is cost effective.
If you did not find the course you are looking please contact us and we can discuss and design the right course for you. For a no obligation quote, email firstname.lastname@example.org or call 07931566007 or 01206 807267
All prices include the attendance of 15 delegates, a course workbook, additional reading, slide handouts, an LTD delegate folder, a pen and a CPD certificate. If booked in advance, we offer a 4 week after care package.