This intensive course provides a sound understanding of the legal and normative requirements in data protection, including the EU GDPR, BDSG and ISO 19011. With the knowledge gained, participants will be able to plan and conduct data protection audits and develop and implement effective data protection management systems. Your communication skills and questioning techniques will be strengthened to interact effectively with different stakeholders during the data protection audit. Practical exercises complete the course.
Data Privacy
Data Protection Auditor (DSA)
On-Site/Virtual
Price from € 1,990 plus 19% VAT
Duration: 3 days
Level: Advanced
Code: DSA
CPEs: 30
Book online today or call us at +49 7031 2024742 if you need help choosing the right course or would like to discuss corporate discounts.
Train to become a data protection auditor and learn the skills to carry out effective data protection controls and assessments in companies.
Schönbrunn TASC is a DEKRA accredited training organization (ATO). This means that you have access to official ISACA course materials and can take your data protection specialist exam during the course at the Schönbrunn TASC training center. If you do not pass the exam on your first attempt (which we do not expect), our performance guarantee covers you - this means you train for free the second time.
- You learn in small groups (max. 10 participants per course)
- In-house modern training room and test center in a distraction-free, quiet atmosphere (PSI/ Pearson Vue/ EC Council/ Kryterion)
- Experienced, constantly trained trainers guide you through the course
- You will receive comprehensive training materials, manuals and case studies for self-study
- Interactive discussions and group work will help you in the application
- A small breakfast, lunch, snacks and drinks are provided throughout the day
- Hotel recommendations near the training and test center
- It is possible to take the exam at the Schönbrunn TASC test center afterwards
The prerequisite for participating in the Data Protection Auditor (DEKRA) seminar is having passed the Data Protection Officer (DEKRA) examination, or an equivalent level of technical knowledge.
- Data protection officers and those responsible for data protection in companies who wish to qualify as data protection auditors and thus primarily want to train internal or external data protection officers or deepen their knowledge of data protection auditing.
- Employees in companies who are responsible for the implementation of and compliance with data protection regulations and who are to act as internal data protection auditors.
- External consultants who would like to carry out data protection audits to support companies in complying with legal requirements.
1. Legal and normative requirements
- Understanding the difference between GDPR and BDSG and their scope of application.
- EU General Data Protection Regulation (GDPR): Basic principles, scope of application, rights of data subjects, responsibilities of controllers and processors.
- Federal Data Protection Act (BDSG): Special regulations and additions to the GDPR in the national context
- Understanding the minimum requirements for auditors and the requirements for auditing management systems, in particular data protection management systems
- ISO 19011: Guidelines for audits of management systems, application to data protection audits
2. Data protection management system
- Structure of a data protection management system (DMS):
- Definition of terms: Manual, policy, guidelines, concepts, processes, procedural instructions, documents, evidence
- Document pyramid
- Structure and elements of an effective DMS in the company.
- Best practices for developing and implementing data protection policies and concepts in line with legal requirements.
- Role, duties and responsibilities of a data protection officer in implementing and maintaining a data protection management system in the company
3. Data protection policy & data protection concept
- Definition of a data protection policy.
- Relationship between corporate objectives and data protection policy.
- Responsibilities.
- Communication and implementation of the data protection policy: methods for communicating the data protection policy within the company and ensuring that it is understood and followed by employees.
- Best practices for creating data protection concepts and guidelines.
- Audit methods and monitoring mechanisms to ensure compliance with legal requirements in data collection, processing and storage processes.
- Best practices for conducting a DPIA in accordance with the requirements of the GDPR for high-risk data processing operations
4. Planning, implementation and follow-up of data protection audits
- Management of an audit program
- Audit planning: preparation and organization of a data protection audit, including definition of audit objectives and scope
- Audit implementation: Methods and techniques for conducting data protection audits, including questioning techniques and conducting discussions during the audit.
- Audit follow-up: reporting and documentation of audit results, follow-up of corrective actions.
6. Communication, conducting discussions in the audit, questioning techniques
- Basics of communication in the audit
- Conducting conversations in the audit in accordance with ISO 19011: Techniques for conducting conversations and interviews during the audit.
- Questioning techniques: Application of appropriate questioning techniques to obtain relevant information during the audit.
7. Requirements for auditors
- Audit principles
- Competence and assessment of auditors
- Required knowledge, skills and experience for data protection auditors
- Ensuring independence and objectivity during the audit.
- Ethical standards and codes of conduct for auditors
Data Protection Auditor (DSA)
Duration:
Format: Multiple Choice
Languages: German
The European General Data Protection Regulation (EU-GDPR) and the Federal Data Protection Act (BDSG) are permitted as aids.
