Cyber, Security, Privacy, Cyber Security
Edu type:
Course or training
Associate degree (EQF 5), Bachelor (EQF 6), Doctorate/PhD (EQF 8), Master (EQF 7)
Start date:
Study Load:
24 hrs
3 days
More information


On this accelerated 3-day Certified Data Protection Officer course you'll develop the skills to implement, manage and align a privacy framework based on General Data Protection Regulation (GDPR) requirements for your organisation.

You'll get an insight into the critical gap between the GDPR and current organisational processes such as security policies, procedures and working instructions. Understanding and acting on this knowledge will help safeguard your organisation from prosecution in the event of a cyber breach. Breaches to EU regulation by multinationals can result in fines upwards of £20 million and could be as high as 4% of worldwide gross turnover.

Some of the modules you'll cover throughout the course include:

  • Privacy fundamentals
  • European data protection framework
  • International data protection framework
  • Data protection and information technologies
  • Privacy security Management and incident response
  • Information system audit
  • Privacy governance
  • Education approach

With the EU GDPR coming into effect in 2018, organisations need to prepare now. This law applies to firms both in the EU, but also those outside that handle personal data of EU citizens. These regulations establish a legal requirement that organisations with more than 200 staff employ a full-time Data Protection Officer.

On this course you'll be prepared for and sit the PECB Certified Data Protection Officer Exam. This is covered by your Certification Guarantee.

This course is aimed at Data Protection Officers as well as individuals involved in data protection and data privacy. This includes project manager and operational managers.

This course is designed to complement the Certified Lead Privacy Implementer course.


Privacy Foundations

  • Introduction to personal data protection
  • Presentation of the General Data Protection Regulation
  • Fundamental concepts included in the GDPR
  • Explaining definitions under the General Data Protection Regulation
  • Exercise

International Framework

  • Introduction of the internet governance
  • Look into the UN resolutions involving personal data protection
  • Safe international transfer of personal data to non EU states
  • Green lists: Countries with an adequate level of personal data protection
  • Binding Corporate Rules
  • International agreements: PNR’s (Australia, Canada, US), Privacy Shield
  • Explicit consent for international transfer; when do you need it?
  • Personal data protection in USA, Canada, South America
  • Exercise

Data Protection and Information Technologies

  • Fundamentals in information security risk management
  • Analyzing fundamental principles of confidentiality and Integrity (and Availability)
  • Implication of the GDPR for access policies
  • GDPR security measures (pseudonymization and cryptography)
  • Exercise

Privacy and Security

  • Understanding the implication of technology in personal data protection
  • Big data: systematic and automated profiling
  • Big data and the GDPR
  • Internet of things: Devices that gather (non-stop) personal data and the alignment with the GDPR
  • Presentation of the new era with quantum computing
  • Exercise

Management and Incident Response

  • Understanding what is a personal data breach
  • Explaining how to react under a personal data breach
  • Introducing different types of incidents
  • Necessity of a continuity plan and policies for accountability
  • Exercise

Data Protection Impact Assessment

  • Understanding what is Data Protection Impact Assessment according to the GDPR
  • Answering on why, when and how should a DPO assess in the process of carrying out a DPIA
  • Explaining in detail the steps to follow in a DPIA
  • Introducing and explaining the Personal Data Life Cycle
  • Exercise on the relation of the Personal Data Life Cycle and the Fundamental Principles under the GDPR
  • Practical case scenario on conducting a DPIA