Internet, electronic trading, social media and mobile usage has transformed the world, generated huge growth of data and made its management a Board level issue.
Data lies at the heart of the organisation.
Laws and internal practices need to catch up to be relevant and effective.
With respect to personal data, the General Data Protection Regulation (GDPR) is the EU’s initiative to overhaul privacy laws to create an effective legislative framework. It will have a huge impact and will demand extensive self-regulation.
Internal Audit (IA) is a crucial, independent, objective assessment and assurance activity designed to de-risk and add value to an organisation. IA needs to adapt:
• To fulfil the self-regulation aspects of GDPR (and many other regulations)
• To enhance the audit framework to reflect the significance of data to the organisation.
The purpose of this course is to describe macro (big picture) and micro (the devil is in the detail) level enhancements to empower IA to ensure the organisation has an effective and powerful agenda for managing data for GDPR and beyond.
An understanding of the strengths and limitations of the macro level data controls - Architecture & taxonomies, policies, strategies and governance
An understanding of the strengths and limitations of the micro level data controls - system audits and data quality management, lineage etc.
An ability to analyse issues at different levels of management and
An ability to understand data usage across the organisation and make insightful recommendations for adding value or reducing cost
Effective monitoring, feedback and improvement of macro level data controls leading to long term systems, process, risk management and organisational improvements
Effective monitoring, feedback and improvement of micro level data controls leading to long term systems, process, risk management and organisational improvements
Creation of an effective catalyst for change in today's data driven world.
One eLearning course segmented into three modules. The contents of the three modules are described in Course Contents below.
A one day seminar/workshop, highly interactive with case study exercises and feedback
An eLearning self-paced module on the General Data Protection Regulation to provide background on GDPR and managing data about people
An eLearning module on BCBS 239, Risk data management regulation to provide background on approaches to managing data and providing effective governance.
Duration and timing
The workshop is a full day from 9-5pm
Each eLearning module has an approximate duration of 1 hour
⇒⇒⇒ Click here to start the course now
The workshop has a certificate of completion
The eLearning modules both have optional certification tests.
The test consists of multiple choice, matching pair and true/false questions. Test questions are randomised
The test should take approximately 15 minutes. There is a time limit of 30 minutes
The delegate must answer all questions correctly
On the eLearning modules there are self-assessments in each module that you can take as many times as you like
This is confidential and does not form part of your test score
The course modules and certification test are globally available without restriction
They can be accessed 24*7
The cost of the course for one delegate is GBP 650 includes the workshop and two eLearning courses (approx value GBP 200.00) (plus VAT where applicable).
Discounts for multiple purchases and corporate rates are available on request. Contact sales@edmworks.com for more information.
If you would like to pay against an invoice then please email us with Purchase Order details at sales@edmworks.com
The workshop and eLearning Courses
A recognised certificate
Entries in the EDMworks Register
The option to make this record public for job requirements
A brief history of internal audit
Underlying principles, purpose and intent
Independence and advisory roles
Processes, data, systems, quality, controls, reporting, assets
Policies, Risk, Governance and Compliance
Audit prioritisation, planning and control
Scope, objectives, principles and rights
Obligations, roles and accountabilities
Transfers and contracts
Liabilities and penalties
Privacy by design and default
Privacy Impact Assessments
Breach Incident Management
Self regulatory aspects and liaison with supervisors
Examples of other self-regulatory regulations
Data at the heart. Interaction with process and management
Data flows or data stores?
Fit for purpose data architecture
Fit for purpose data strategy
Fit for purpose data quality
Critical architectural components
Taxonomies
Organisation models for data ownership and accountability
Governance and control processes
Data flows, lineage and controls
Enterprise data dictionary and inventory
Privacy and consent management
Magic triangles: Architecture, Audit and Governance
System/process reviews
Policy compliance
Strategy compliance
Architecture compliance
Data mapping and transformation control