GDPR for Internal Auditors
The General Data Protection Regulation (GDPR) has come into force in May 2018. Since then, all entities that process personal data are expected to enforce the accountability principle: to demonstrably take control over the personal data processing within their responsibility. As an internal auditor, GDPR will affect the scope of your work as now you can challenge the compliance of the personal data processing within your company.
The aim of this training is to help the participants understand the impact of GDPR on the internal auditor function, and to help build or update audit testing plans to assess the risk-based approach imposed by the GDPR.
By the end of this training, the participants will be able to:
- Review major impacts of GDPR and their implications on internal audit responsibilities.
- Identify the changes and amendments to be made on their current plans and procedures.
- Determine their next steps to embed GDPR in their area of responsibilities.
This session will give an overview on:
- GDPR scope and context
- Main GDPR obligations for entities that process data
- GDPR Governance and risk-based approach
- Assessment of GDPR in the Luxembourgish context
This course will also cover questions such as:
- Protecting personal data in the audit department
- GDPR points in outsourcing agreements
- IT control design in line with GDPR controls
A qui s'adresse la formation?
An attendance certificate will be sent to participants.