18. – 21. February 2019 Organizer: Center for Economic Research Belgrade
WHAT?
Phase 1 – Analysis of processes and systems in the organization, GAP analysis and the plan of compliance with GDPR:
– Analysis of the process of creation, management and flow of data in an organization, structure of data for the purpose of classification of data
– Analysis of compliance of legal acts with the Law on protection of personal data and other relevant regulations
– Analysis of the risk management process for information security
– Analysis of security aspects in the process of development of the IS
– Managing access control, managing the life cycle of identity, back-up, log control, technical vulnerability analysis, network security, etc.
– Analysis of the process of managing security events and incidents
– Analysis of existing data protection mechanisms
– Analysis of personal data protection of employees and their security checks
– Analysis of the security aspect of the relationship with suppliers
– Analysis of physical aspects of security in security zones
Phase 2 – Implementation / Execution of a Management System plan for GDPR:
– Creating an educational plan for project team
– Education of management and employees
– Analysis of the risk management process for information security
– Introduction to GDPR (structure and application)
– Basic terms (data, database, controller, processor …)
– GDPR principles and legal basis for data processing
– Responsibility for non-compliance with GDPR (penalties, risks, criminal responsibility ..)
– Mapping data flow within an organization as a basis for compliance
– Technical measures 1 (IT roles, processes, risk assessment and data breach management)
– Technical Measures 2 (Encryption, Roles, Authentication, and Authorization)
– Organizational measures and documentation (who is DPO, records, procedures, privacy …)
– Citizens’ rights (notifications, insights, corrections, deletions and transfers)
– Exporting and importing data
– Special types of processing (direct marketing, HR processes, video surveillance ..)
– Development and implementation of internal acts and control mechanisms for implementing requirements from GDPR based on GAP analysis, so that the new way of processing personal data becomes a common business practice
Who should attend?
– Project managers or consultants seeking to prepare and support an organization in planning, implementing, and maintaining a compliance program based on the GDPR
– DPO and Senior Managers responsible for the personal data protection of an enterprise and the management of its risks
– Members of an information security, incident management and business continuity team
– Expert advisors involved in security of personal data
– Technical experts and compliance experts seeking to prepare for a Data Protection Officer role
WHY PARTICIPATE?
The Certified Data Protection Officer training course enables you to develop the necessary knowledge, skills and competence to effectively implement and manage a compliance framework with regard to the protection of personal data..
After mastering all the necessary concepts of General Data Protection Regulation (GDPR), you can sit for the exam and apply for a “PECB Certified Data Protection Officer” credential. By holding a PECB Certified Data Protection Officer Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to assist organizations in applying data protection laws and regulations.
Members of the Foreign Investors Council in Serbia will receive an 10% discount on the participation fee.
WHЕRE?
Hotel Srbija, Ustanička street, no. 127c
WHEN?
18. – 21. February 2019
9.00 AM
If interested to participate, please fill in the application form https://www.ceib.rs/prijava-gdpr.html.
To learn more about the General Data Protection Regulation – PECB visit https://www.ceib.rs/gdpr.html or directly contact the organizer – Dejan Jeremic 065 970 5030.