Get in Touch

Course Outline

Day 1

I. Selecting a Personal Data Protection Management Model
1. Prerequisites for an effective data protection system
2. Existing data protection governance models
3. Division of roles and responsibilities in data protection processes.

II. Duties and Responsibilities of the Data Protection Officer (DPO)
1. Mandatory appointment of a Data Protection Officer
2. Optional appointment of an Inspector
3. Essential knowledge for the DPO
4. Resources for gaining knowledge
5. Qualifications required to act as an Inspector
6. Employment structure of the Supervisor
7. Enhancing DPO capabilities
8. DPO tasks

III. Data Flows
1. Key concepts regarding data flows for the DPO
2. Competencies expected of a DPO regarding data flows
3. Specific DPO tasks in this area.

IV. Preparing and Conducting an Audit
1. Preparatory activities for an audit
2. How to prepare an audit plan
3. Assigning roles and tasks to the audit team
4. Creating working documents
5. Audit checklist
6. Case study: Overview of the auditing process.

V. Assessing the Degree of Compliance
1. Key considerations:
2. Security of processing
3. Legal bases for processing
4. Principle of consent
5. Principle of data minimization
6. Principle of transparency
7. Entrusting processing activities
8. Transferring data to third countries and international transfers.

VI. Audit Reporting
1. How to prepare an audit report
2. Components of an audit report
3. Critical areas of focus
4. Case study
5. Collaborating with employees – fostering employee awareness
6. Verifying CPU warranty

VII. Maintaining Compliance
1. Employee awareness – a critical issue
2. Data Protection Policy
3. Essential documentation
4. Continuous monitoring

Day 2

VIII. Introduction to Risk Management
1. Organizing the risk assessment process
2. Selected risk assessment practices
3. Essential elements of a DPIA

IX. Examining the Context of Personal Data Processing
1. Contextual research exercises
2. External context
3. Internal context
4. Common mistakes

X. Data Protection Impact Assessment (DPIA)
1. Purpose of execution
2. When a DPIA is obligatory versus optional
3. Necessary elements of the process
4. Inventory of processing activities
5. Identification of processing resources, particularly those with high risk

XI. Risk Analysis Exercises
1. Estimating the probability of a hazard occurring
2. Identifying vulnerabilities and existing security measures
3. Identifying effectiveness
4. Estimating consequences
5. Risk identification
6. Determining the level of risk
7. Determining the threshold of risk acceptability

XII. Asset Identification and Security Exercises
1. Determining the risk value for the resource
2. Estimating the probability of the hazard occurring
3. Vulnerability identification
4. Identification of existing safeguards
5. Estimating consequences
6. Risk identification
7. Determining the risk acceptability threshold

Requirements

Target Audience

  • Individuals serving as Data Protection Officers
  • Professionals interested in expanding their knowledge in this domain
 14 Hours

Number of participants


Price per participant

Open Training Courses require 5+ participants.

Testimonials (1)

The variety of the information shared and the clarity to explain terms in plain English.

Arisbe Mendoza - Fairtrade International
Course - GDPR Workshop

Upcoming Courses

Personal Data Protection Officer - Advanced Level

2026-07-27 09:30
14 hours
Puerto Madero - Torre Colonos Sur
4330 USD (Online)
5330 USD (Classroom)

Personal Data Protection Officer - Advanced Level

2026-08-10 09:30
14 hours
Buenos Aires - Laminar Catalinas
4330 USD (Online)
5330 USD (Classroom)

Personal Data Protection Officer - Advanced Level

2026-08-24 09:30
14 hours
Buenos Aires - Libertador
4330 USD (Online)
5330 USD (Classroom)

Personal Data Protection Officer - Advanced Level

2026-09-07 09:30
14 hours
Còrdoba - Ecipsa Tower
4330 USD (Online)
5330 USD (Classroom)

Related Courses

GDPR Workshop

 7 Hours

Gain comprehensive mastery of the core principles governing the General Data Protection Regulation through an intensive one-day session tailored for managers, department heads, and compliance professionals. The curriculum addresses GDPR foundations, the rights of data subjects, fundamental protection principles, consent mandates, obligations regarding breach notifications, and the concept of privacy by design. Participants will acquire practical frameworks to deploy GDPR compliance strategies throughout their organization, thereby ensuring lawful data processing practices and fostering a culture of accountability in data protection.

Read more...

How to Audit GDPR Compliance

 14 Hours

This course is designed specifically for auditors and other administrative professionals responsible for ensuring that their control systems and IT environments adhere to current laws and regulations. The program starts by providing a comprehensive understanding of core GDPR concepts and their impact on auditing practices. Participants will examine the rights of data subjects, the obligations of data controllers and processors, and key principles regarding enforcement and compliance. Additionally, the training includes an audit framework provided by ISACA, which equips auditors to evaluate GDPR governance and response mechanisms, as well as supporting processes that help mitigate risks associated with noncompliance.

Read more...

PECB GDPR - Certified Data Protection Officer

 35 Hours

The PECB Certified Data Protection Officer training course empowers you to acquire the essential knowledge and skills, and develop the competence required to perform the role of a data protection officer within a GDPR compliance program implementation.

Why should you attend?

As the value of data protection grows, the need for organizations to safeguard this data continues to increase. Non-compliance with data protection regulations not only violates the fundamental rights and freedoms of individuals but also exposes organizations to risky situations that can harm their credibility, reputation, and financial standing. This is where your skills as a data protection officer become crucial.

The PECB Certified Data Protection Officer training course will help you acquire the knowledge and skills to serve as a Data Protection Officer (DPO), assisting organizations in ensuring compliance with the General Data Protection Regulation (GDPR) requirements.

Through practical exercises, you will master the role of the DPO and become competent in informing, advising, and monitoring compliance with the GDPR, as well as cooperating with the supervisory authority.

After attending the training course, you can sit for the exam. If you successfully pass the exam, you can apply for the “PECB Certified Data Protection Officer” credential. The internationally recognized “PECB Certified Data Protection Officer” certificate demonstrates that you have the professional capabilities and practical knowledge to advise controllers and processors on how to meet their obligations regarding GDPR compliance.

Who should attend?

  • Managers or consultants seeking to prepare and support an organization in planning, implementing, and maintaining a compliance program based on the GDPR
  • DPOs and individuals responsible for maintaining conformance with the GDPR requirements
  • Members of information security, incident management, and business continuity teams
  • Technical and compliance experts seeking to prepare for a data protection officer role
  • Expert advisors involved in the security of personal data

Learning objectives

  • Understand the concepts of the GDPR and interpret its requirements
  • Understand the content and the correlation between the General Data Protection Regulation and other regulatory frameworks and applicable standards, such as ISO/IEC 27701 and ISO/IEC 29134
  • Acquire the competence to perform the role and daily tasks of the data protection officer in an organization
  • Develop the ability to inform, advise, and monitor compliance with the GDPR and cooperate with the supervisory authority
Read more...

Personal Data Protection Officer - Basic Level

 21 Hours

Purpose of the Training

  • Introducing participants to the structured and comprehensive framework governing personal data protection under Polish and European legislation.
  • Equipping learners with practical insights into the new regulations for processing personal data.
  • Highlighting key areas of legal risk associated with the enforcement of the GDPR.
  • Providing practical preparation for independently fulfilling the responsibilities of a Personal Data Protection Officer.
Read more...

Related Categories

GDPR
GDPR