This course will provide you with the insights and techniques to successfully plan and execute an audit of your organisation’s compliance with the EU General Data Protection Regulation (the GDPR).  You will learn about the key aspects of the GDPR and how to ensure they are being implemented within your organisation.  During the course you will gain an understanding on how to identify the scope of an audit and how to conduct a successful audit within that scope.

At the end of the course, you will leave with an understanding as to why effective audits are key to maintaining compliance with the GDPR and how such audits can be planned and conducted.

What you will learn in this course

• The key elements of the GDPR
• The importance of an effective audit
• The techniques to define the scope of the audit
• Understanding Risk assessment and risk management, which are Key to GDPR
• Data Protection Impact Assessments (DPIA) and their importance to GDPR
• Developing an audit plan
• Conducting an audit
• Presenting the findings of an audit
• Integration of the audit with your organisation’s management system
• Dealing with issues and continuous improvement.

By the end of the course, you will

• Be able to assess your organisation’s compliance with the GDPR;
• Be able to facilitate the development of an effective audit plan;
• Be able to conduct a fair, impartial, and unbiased audit
• Have exchanged experiences with colleagues from other organisations and countries.

Who is this course for

• Anyone, in both public and private sector, with a responsibility for the compliance of their organisation with the GDPR
• Anyone who’s involved with the assurance and continuous improvement of the GDPR in their organisation
• (Future) internal auditors.

Course methodology and highlights

We believe learning happens best with practical knowledge. So this course includes:

• Individual preparation for the course: you are invited to bring along any information about the mission, vision, values, and data protection (GDPR) framework within your organisation for casework
• Detailed explanations of the key concepts, principles, its actors and roles in the field of GDPR
• Group and individual assignments
• Interactive approach. The module’s structure will give you the possibilities to ask questions, share experience, knowledge, needs and challenges with the trainer and other participants
• Room for note making of the learning with respect to your own situation.