GDPR Day One Session
GDPR Day Two Session
GDPR Day Three Session
GDPR Day Four Session
Lead Auditor and Consultant Training on CSA Code of Conduct for GDPR Compliance
Trains lead auditors & consultants in the CSA GDPR Code of Conduct and the CSA GDPR Certification. Both initiatives offer organizations a means to demonstrate their compliance and data protection transparency to GDPR.
As the course is considerably demanding, it has been adapted for live interactive webinar sessions, consisting of four days of four-hour afternoon sessions including appropriate breaks. This allows participants from both Europe and the Americas to participate. Please contact us at firstname.lastname@example.org to learn more about the possibilities for a webinar for Asia and Australia.
The course trains lead auditors and consultants on both the CSA GDPR Code of Conduct Proposal as per Article 40 GDPR and the forthcoming CSA proposal for GDPR Certification as per Article 42 GDPR. The CSA GDPR Code of Conduct as per Article 40 GDPR is currently progressing under the review of the CNIL and the CSA GDPR Certification as per Article 42 GDPR will be submitted to the CNIL for its review in the coming months.
During day one, participants will learn the controls covered in the CSA Code of Conduct, starting with the fundamentals of GDPR and the objectives, scope and methodology of the CSA Code of Conduct (CoC) and Governance and Adherence Mechanisms. Participants will then go through controls 1-5 covered in the CoC:
- CSP declaration of compliance and accountability, CSP relevant contacts, ways in which data will be processed, record-keeping and data transfer.
On day two, participants will go through the remaining controls 6-15 covered in the CoC:
- Controls 6-10: data security, monitoring, personal data breach, data portability and migration, and restriction of processing.
- Controls 11-15: data retention, restitution and deletion, cooperation with the cloud customers, legally required disclosure, remedies for cloud customers and CSP insurance policy.
During the last two days, participants will work through the practical application of the controls with one case study per day. Afterwards, participants will review and receive feedback on the work performed in each of the case studies.