BCS Practitioner Certificate in Data Protection Training Course

This one-day course is for people looking for a brief outline of the GDPR – General Data Protection Regulations coming out May 25, 2018. This is ideal for managers, department heads, and employees who need to understand the basics of the GDPR.

This is more in-depth and would be for those working a great deal with the GDPR and who may be appointed to the GDPR team. This would be ideal for IT, human resources and marketing employees, and they will deal extensively with the GDPR.

This course is developed primarily with focus on auditors and other administrative roles who are
tasked to ensure compliance of their control systems and IT environment with prevailing laws and
regulations. The course will begin by giving understanding of key GDPR concepts as well as how it is
going to affect the work performed by auditors. Participants will also explore data subjects rights,
data controllers and processors obligations, and enforcement and compliance notions in the
context of the Regulation. The training will also cover the audit program provided by ISACA that will
enable auditors to review GDPR governance and response mechanisms as well as supporting
processes which can help manage the risk associated with noncompliance.

The PECB Certified Data Protection Officer training course enables you to acquire the necessary knowledge and skills, and develop the competence to perform the role of the data protection officer in a GDPR compliance program implementation.

Why should you attend?

As data protection is becoming more and more valuable, the need for organizations to protect these data is also constantly increasing. Besides violating the fundamental rights and freedoms of persons, not complying with the data protection regulations can lead to risky situations that could harm an organization’s credibility, reputation, and financial status. This is where your skills as a data protection officers come to place. 

The PECB Certified Data Protection Officer training course will help you acquire the knowledge and skills to serve as a Data Protection Officer (DPO) so as to help organizations ensure compliance with the General Data Protection Regulation (GDPR) requirements.

Based on practical exercises, you will be able to master the role of the DPO and become competent to inform, advise, and monitor compliance with the GDPR and cooperate with the supervisory authority.

After attending the training course, you can sit for the exam, and if you successfully pass the exam, you can apply for the “PECB Certified Data Protection Officer” credential. The internationally recognized “PECB Certified Data Protection Officer” certificate will prove that you have the professional capabilities and practical knowledge to advise the controller and the processor on how to meet their obligations regarding the GDPR compliance.

Who should attend?

• Managers or consultants seeking to prepare and support an organization in planning, implementing, and maintaining a compliance program based on the GDPR
• DPOs and individuals responsible for maintaining conformance with the GDPR requirements
• Members of information security, incident management, and business continuity teams
• Technical and compliance experts seeking to prepare for a data protection officer role  
• Expert advisors involved in the security of personal data

Learning objectives

• Understand the concepts of the GDPR and interpret its requirements
• Understand the content and the correlation between the General Data Protection Regulation and other regulatory frameworks and applicable standards, such as ISO/IEC 27701 and ISO/IEC 29134
• Acquire the competence to perform the role and daily tasks of the data protection officer in an organization
• Develop the ability to inform, advise, and monitor compliance with the GDPR and cooperate with the supervisory authority

Educational approach

• This training course is based on both theory and best practices used in exercising the role of the DPO.
• Lecture sessions are illustrated with practical exercises based on a case study which include role-playing and discussions.
• The participants are encouraged to intercommunicate and engage in discussions and exercises.
• Practice exercises and quizzes are similar to the certification exam.

General Information

• Participants will be provided with the training course material containing over 450 pages of explanatory information and practical examples.
• An Attendance Record worth 31 CPD (Continuing Professional Development) credits will be issued to participants who have attended the training course.

Purpose of the Training

• Acquainting the audience with systematized, comprehensive issues of the functioning of personal data protection on the basis of Polish and European law
• Providing practical knowledge about the new rules for the processing of personal data
• Presentation of the areas of the greatest legal risks in connection with the entry into force of the GDPR
• Practical preparation for independent performance of the duties of a Personal Data Protection Officer

Purpose of the Training

• Gaining practical knowledge on how to perform the tasks of the Inspector
• Gaining practical knowledge of how to audit and how to assess risk
• Providing practical knowledge about the new rules for the processing of personal data

Who is it for:

People involved in or implementing the DevOps process, including roles such as DevOps evangelist; automation architect; cloud infrastructure engineer; software developer; software tester; security engineer; database administrator and product owners. Read the syllabus below for a more complete list of roles.

What will I learn:

By the end of this training, participants will be able to demonstrate knowledge, understanding and some basic application of the following aspects of DevOps:

• Origins
• Benefits
• Culture and teams
• Automation
• Lean
• Measurement
• Sharing
• Common roles
• Practices and techniques
• Methods and approaches for teams

Format of the Course:

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

This course is for anyone who needs to understand data protection and GDPR in particular.

At the end of the course candidates should be able to:

• Hold a recognised qualification in data protection.
• Gain an understanding of the key changes that the GDPR and the Data Protection Act (2018) bring to data protection.
• Gain an understanding of the new rights available to data subjects and the implications of those rights with the GDPR and Data Protection Act (2018).
• Gain an understanding of individual and organisational responsibilities under the GDPR and the Data Protection Act (2018), particularly the need for effectiveness record keeping.
• Gain an understanding of the increased obligations faced by data controllers and data processors as a result of the GDPR coming into force and the Data Protection Act (2018) being enacted.
• Be better placed to support their organisation in processing customer data in compliance with the GDPR and the Data Protection Act (2018).

Who is it for:

Anyone with an interest in information security, whether as a career or for general business knowledge.

This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately.

What will I learn:

Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics. 

Note: This is the four day course which adds one additional day to the standard delivery to provide more time for exam preparation and practice exercises.

Who is it for:

Anyone with an interest in information security, whether as a career or for general business knowledge.

This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately.

What will I learn:

Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Who is it for:

Security professionals looking to understand the technical and business aspects of the profession or anyone looking to work in the field of security architecture.

• System Administrators who wish to become security architects
• Technical architects looking to move into the field of security architecture 

This certificate also offers a complimentary certification for those awarded or looking to achieve CCP status in IA.

What will I learn:

Candidates should be able to:

• Describe the business environment and the information risks that apply to the systems.
• Describe and apply security design principles.
• Identify information risks that arise from potential solution architectures.
• Design alternate architectures or countermeasures to mitigate identified information risks.
• Ensure that proposed architectures and countermeasures adequately mitigate identified information risks.
• Apply ‘standard’ security techniques and architectures to mitigate security risks.
• Develop new architectures that mitigate the risks posed by new technologies and business practices.
• Provide consultancy and advice to explain Information Assurance and architectural problems.
• Security configure ICT systems in compliance with their approved security architectures.

Who is it for:

Anyone who is involved in the areas of information security and information assurance. 

The certificate is relevant to anyone requiring an understanding of Business Continuity Management as well as those who are involved in the areas of information security and information assurance.

What will I learn:

Candidates should be able to demonstrate: 

• The function of and need for business continuity management within an organisation
• The business continuity management life cycle
• The main components of a business continuity management programme
• The need for risk assessment within business continuity management
• The options for development of a business continuity management strategy
• How to prepare and develop plans for business continuity management response  
• The need for exercising, maintenance and review of plans 
• The need for embedding business continuity management awareness within the organisation 

Who is it for:

Anyone who is involved in the areas of information security and information assurance.

What will I learn:

Candidates should be able to demonstrate:

• How the management of information risk will bring about significant business benefits.
• How to explain and make full use of information risk management terminology.
• How to conduct threat and vulnerability assessments, business impact analyses and risk assessments.
• The principles of controls and risk treatment.
• How to present the results in a format which will form the basis of a risk treatment plan.
• The use of information classification schemes.

There is a need to provide adequate training on the Data Protection Act 1998 "the Act" and its implications for both organisations and individuals. There are important differences between the Act and its predecessor, the Data Protection Act 1984. In particular, the Act contains important new obligations in relation to manual records and transborder data flows, a new notification system and amended principles. It is important to understand the Act in the European context.

Those experienced in data protection issues, as well as those new to the subject, need to be trained so that their organisations are confident that legal compliance is continually addressed. It is necessary to identify issues requiring expert data protection advice in good time in order that organisational reputation and credibility are enhanced through relevant data protection policies and procedures.

Objectives

The aim of the syllabus is to promote an understanding of how the data protection principles work rather than simply focusing on the mechanics of regulation. The syllabus places the Act in the context of human rights and promotes good practice within organisations. On attaining the certificate, award holders will possess:

• appreciation of the broader context of the Act
• understanding of the way in which the Act and the Privacy and Electronic Communications (EC Directive) Regulations 2003 work a broad understanding of the way associated legislation relates to the Act an understanding of what has to be done to achieve compliance a recognised qualification in data protection

Course Synopsis

The syllabus comprises three main parts, each with many sub-sections!

Context - this will address the origins of and reasons for the Act together with consideration of privacy in general. Law – Data Protection Act - this will address the main concepts and elements of the Act and subordinate legislation. Application - this will consider how compliance is achieved and how the Act works in practice.