EU General Data Protection Regulation Awareness Course

With the Introduction of the GDPR in May 2018, now is the time to prepare your company and business for the challenges that we all face.  This regulation will apply to every UK company from 25th May 2018 and the onus is on your company to understand the risks that they create for others and to mitigate those risks.

Why do we need to understand the affects of GDPR?

If your organisation processes personal information, GDPR will affect the way you operate as a business and will require you to introduce a number of key changes, including:

• new rules on international data transfers
• documenting data processing activities
• performing data protection impact assessments
• potentially appointing a Data Protection Officer

Non-compliant companies face greater penalties under this new regulation - up to 4% of annual global turnover or €20 million.

This highly interactive course is delivered by OSP Cyber Academy, with the training accredited by GCHQ. It provides delegates with an insight into the fundamental knowledge and awareness of the GDPR, how to apply effective governance and risk management, how to deliver GDPR compliance and the capability to execute the requirements of the regulation. Delegates are encouraged to ask specific questions relating to their circumstances, as well as, discuss the practicalities of what is meant by ‘compliance’ and how to enhance information security and data protection.

KEY LEARNING OBJECTIVES:

By participating on this GCHQ certified training course you will:

• Understand the common themes related to GDPR and data protection that all organisations are encountering
• Learn about the key components of GDPR and the impact of the UK Data Protection Bill
• Understand how to address the question of GDPR compliance and how to implement the necessary changes within your business
• Gain an insight into the relationship between GDPR governance, Risk Management and capability
• Understand how GDPR creates opportunities to grow business value, whilst protecting it from potential material impact

IA Member £650.00 +VAT

Non-Member £780.00 +VAT

Payment for the course must be made in full before the course commencement date.

Any cancellation must be made in writing. For all cancellation received 15-30 days prior to the course start date, 50% of the course fee is still payable. No refund is given for a cancellation made 14 days or less prior to the commencement of a course. Transferring from one course to another is treated as a cancellation. You can substitute one delegate for another at no additional cost. In this instance, please give two business days’ notice.

Richard Preece, Chief Training Officer, OSP Cyber Academy

Richard is an experienced international hybrid consultant and trainer in Data Protection, Cybersecurity and Risk Management. He enables teams and organisations to become more strategically agile and resilient, to seize opportunities and minimize the dangers of the current and future digital hyper-connected world.
He is a co-opted member of the panel of the new British Standard Cyber Risk and Resilience - Guidance for Boards and Executive Management and the British Standards Institute Governance Standard Committee.

Richard is a chapter author for Managing Cybersecurity Risk – How Directors and Corporate Officers can protect their businesses. He has written a follow-up chapter on the use of scenario workshops to prepare for the General Data Protection Regulation (GDPR, which will be published shortly, and in he has also co-authored a recent Whitepaper, GDPR: A Catalyst to Drive Real Action Around Privacy and Security.

In addition, Richard is also an Associate of the Henley Business School on their GDPR Integration Programme.

09:30 Introduction

• Introductions, Purpose and Agenda for the Course, including delegates personal aims from the course participants

09:45 The What, Why, Who, When, Where and How of GDPR

• An overview of the Regulation and some of the key issues

10:45 Preparing for and Compliance with GDPR: Part 1 - Governance

• An overview of how Governance and alignment with strategy is key, to help deliver ‘so whats’ of the Accountability Principle introduced by GDPR

11:15 Break

11:30 Preparing for and Compliance with GDPR: Part 2 – Risk Management and Capability

• An overview of how contextual based Risk Management, based upon Data Protection Impact Assessments (DPIAs), which can integrate into Enterprise Risk Management to help deliver Data Protection by Design and by Default required by GDPR

12:30 Lunch

13:30 GDPR Data Protection Impact Assessment (DPIA) Scenario

• A practical walk through an initial DPIA to consider a business case from a data protection perspective

15:15 Break

15:30 Next Steps: High Level Roadmap

• A simple framework of what to do next, to either start or continue on GDPR compliance activities

16:00 Closing Remarks Summary of the day, including final Q&A, plus feedback and administration

16:30 Course close

This course is aimed at Data Protection Officers (DPOs) and those requiring a more detailed knowledge to support organisational change and on-going compliance.  It will develop knowledge and skills required, by focusing upon experiential learning through the use of interactive scenarios that a DPO is likely to encounter.