Participants will be introduced to the legal framework for the protection of personal data. They will acquire skills for the preparation and successful implementation of a GDPR audit.
Intended for: Internal auditors, cyber security auditors, data protection officers, compliance specialists and all others who want to get acquainted with the issue.
Level: For all levels.
- The European Parliament has adopted a new regulation, the so-called General Data Protection Regulation ("GDPR"), which will fundamentally change European legislation on personal data protection. For all entities (private and public) that process the personal data of EU citizens, the GDPR implies the emergence of new obligations in connection with increasing the protection and rights of EU citizens. The regulation entered into force on 25 May 2018 and replaced the previous legislation on personal data protection in the Czech Republic. The course participants will get acquainted with the principles of the new legislation and acquire skills for the preparation and successful implementation of a GDPR audit:
- Explanation of key concepts and principles of GDPR: personal data and special categories of personal data, controller, processor, recipient, data subject, processing of personal data, basic principles of personal data processing.
- Rights of personal data subjects, their application and processing (right of access to data, right to be forgotten, right to data portability).
- Commissioner for Personal Data Protection (status, tasks, procedures), Commissioner and IA, three lines of defense.
- Preparation of a GDPR audit - audit objectives, audit focus, team composition, preliminary investigation.
- Conducting the audit - the procedure for conducting interviews and testing.
- Typical risks and shortcomings - responsibility, processing principles, approvals, records of processing activities, processing of requests, processors and contracts with them, etc. (risk, method of verification, what to verify).
- Verification of typical processes in the organization (eg human resources and payroll, purchasing and orders, trade, promotions and marketing, finance, IT, security and cameras, etc.).
Lecturers: Mgr. Stanislav Klika, Director - Risk Advisory Services
Registration and more information here