Share |
Download: Flyer - Black&White (.PDF 406kb)
                          Course Outline (.PDF 366kb)

             Early Bird Deadline          CGBP                                                                                  
presents

THURSDAY & FRIDAY, 27 & 28 FEBRUARY 2020 * 9:00AM to 5:00PM
EDSA SHANGRI-LA HOTEL, MANDALUYONG CITY, PHILIPPINES

Consultants charge a lot of money to help organizations prepare their privacy impact assessments as part of their data privacy compliance requirement. Take advantage of this training opportunity to learn it for yourself and your organization!

This is to enable you or Personal Information Controllers (all those who set the policies) and Processors (all those who collect, process and file information) to conduct privacy impact assessment of your filing system, information system, automated system, and technology platform that are involved in the processing of personal data as required by the National Privacy Commission based on Advisory No. 2017-03.

Attendees of this training will be provided with the best practices methodology to identify, analyze, evaluate, remedy and report the security incident and vulnerabilities associated to the violation of data privacy and information security. Once you have completed this task, you are ready to move on to prepare your Data Privacy Management Manual.

   Limited Seats Only, Pre-Registration Required

   REGISTER NOW
Avail of the Early Payment &
Group DISCOUNTS


   Contact Person: Aiza Cuenca
   Manila lines (+632) 8556-8968 or 69
  Telefax (+632) 8842-7148 or 59
   Cebu lines (+63 32) 512-3106 or 07
   Baguio line (+63 74) 423-2914
   Legazpi line (+63 52) 736-0148
   Email: aiza.cgbp@yahoo.com Check: www.cgbp.org
Course Director & Lecturer:

John Macasio -
is the trainer and consultant at the Information and Communications Technology Literacy and Competency Development Bureau of the Department of Information and Communications Technology.

He has recently done capability building of management and workforce on privacy impact assessment and privacy and security management manual with the following organizations among many others:
   1. Department of Finance and some of its attached agency
   2. Department of Agriculture – National Meat Inspection Services
   3. Philhealth - Information Security Group
   4. Light Rail Transit Authority
   5. Philippine Fish Port Authority
   6. MAA General Assurance
   7. PHIVIDEC Industrial Authority

He co-authored the United Nations ESCAP/APCICT published guidance on ICT Project Management – Theory and Application. The academy module has been introduced and translated in six (6) countries.
Who Should Attend:

  1. Personal Information Controller
    (Business Owners, CEOs/ COOs,
    GMs, Administrators, Policy and
    Decision Makers)
  2. Personal Information Processor
    (HR Leaders, Business Managers,
    Sales People, Record Keepers,
    Registrars, etc.)
  3. Data Protection Officer
  4. Compliance Officer for Privacy
  5. Business & Technology Managers
  6. Business Consultants
---------------------------------------------------

Get as much as 10% discount
when you enroll and prepay on or before Feb 17 and register as a group of 3 or more!

Training Investment is P16,980 inclusive of Meals, Resource Kit & Certificate of Attendance

This training is open to the
General Public



DATA PRIVACY COMPLIANCE TRAINING:
HOW TO PREPARE YOUR PRIVACY IMPACT ASSESSMENT

EDSA Shangri-La Hotel, Mandaluyong City, Philippines
9:00 am to 5:00 pm, Thursday & Friday, February 27 & 28, 2020



Program and Course Content


TRAINING OBJECTIVES

1. Organize the accountability, responsibility and competency that come with doing privacy impact assessment, namely data subject, personal information controller, personal information processor, business service owner, business process owner, and subject matter experts on legal, governance, process, data, record, system, and technical.

2. Get agreements on the activities related to information gathering, elaboration and analysis, solution development, document drafting, content review, and report approval, in the manner that agrees with the NPC advisory on Privacy Impact Assessment requirement.

3. Create and agree on the fitted data privacy compliance requirement and data security control checklist, and work plan of tasks-time-responsible-resources-deliverables to be followed in doing privacy impact assessment for the identified line of business.

4. Identify the line of business and the functions that require personal data to be collected, retained, used, disclosed and disposed.

5. Gather, identify, classify and create the latest recorded inventory of personal data requirement – personal information, sensitive personal information, and privilege information for the program, project, system, process, or technology that are currently being operated, being tested, being acquired, being designed or being retired by the enterprise or agency.

6. Identify and map to visualize the operation processing activities and how data flow from start to end of data processing cycle.

7. Identify and describe the applied or adhered data processing policy and rules of the program, system, project and technology in order to examine risks associated to policy.

8. Perform data privacy and security compliance analysis by adapting a legal and control framework on privacy protection and data security that will reveal the state of agreement and weakness of the program, project, system, process, or technology to uphold data privacy rights, security principles, security controls, and legal process.

9. Do privacy risk (impact) assessment
      1. Identify the conditions of threat and the vulnerabilities that exist in the program, project, system, process, or technology
      2. Make representation of the kind of dangers that non-compliance represents to the business operation
      3. Measure the risks of the identified security incident and privacy threats
      4. Agree on the risk map and the associated measures to control the threats.


TRAINING PARTICIPANTS

The training is designed for the head of organizations and personnel who are identified by the Data Privacy Act of 2012:
      1. Personal Information Controller
      2. Personal Information Processor
      3. Data Protection Officer
      4. Compliance Officer for Privacy
      5. Managers of Business and Technology


TRAINING DURATION

The training is two days of lecture and workshop


TRAINING CONTENT



TIME DAY 1 DAY 2
8:00am Registration Recap
9:00am Topic 1
Mandated Outcomes of Data Privacy Act for the Enterprise and Agency of What to Achieve, What Prevent, What to Maintain, and What to Eliminate
Topic 5
Privacy Impact Assessment Terminologies, Actors, Process Events, and Documentation Template.
Setting up the common language for transparency, participation and understand ability of security and privacy risks assessment
10:20am Break
10:40am Topic 2
Organization of Privacy Accountability and Responsibility. And the Privacy Service Agreements
Topic 6
Measuring Information Security and Data Privacy Security Incident Penalized by Law, and Creating Threats Intelligence
12:00nn Lunch Lunch
1:00pm Topic 3
Data Privacy Regulations and Advisory Compliance Requirements
Topic 7
Privacy Impact Assessment of a Business Process as to threats and vulnerabilities associated to violation of privacy rights and application of privacy principles, and the remediation plan
3:00pm Break
3:20pm Topic 4
Look Up Regulatory and Practice Standards of Security Risks Evaluation and Privacy Impact Assessment
Topic 8
Privacy Impact Assessment of a System or Technology as to its compliance to privacy process, data privacy principles, security and privacy architecture, and adapted technical security controls. The risks of non-compliance and the remediation plan
5:00pm Home Home


 








---------------------------------------------------------------------------------------------------------------------------------------------------------------------------

NOTE: PARTICIPANTS IN THIS TRAINING ARE ALSO ENCOURAGED TO ATTEND THE TRAINING ON



Date: Wednesday & Thursday, March 18 & 19, 2020
Venue: Marriott Grand Ballroom, Resorts World Complex, Pasay City, Philippines

Organizations are required to have its own Data Privacy Management System and Manual
in compliance with the Data Privacy Act.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------

The Center for Global Best Practices also provides in-house training and offers professional consulting service to help organizations comply with the mandated requirement of the National Privacy Commission.

Contact details for your training or consulting requirement/s:
(+63 2) 8842-7148 or 59
(+63 2) 8556-8968 or 69


---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TRAINING FEE PER PERSON: P16,980 (Fee covers Meals, Resource Kit, Certificate of Attendance)

GET AS MUCH AS 10% DISCOUNT! AVAIL OF ANY OR ALL OF THE FOLLOWING:

Less 5% for early registrants (on registrations made on or before January 27, 2020)
Less 5% for early payment (if made on or before February 17, 2020)
Less 5% for group registration (minimum of 3 participants)

CLICK HERE TO ENROLL NOW!
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Share |
Download: Flyer - Black&White (.PDF 406kb)
                          Course Outline (.PDF 366kb)