Share |
Download: Flyer - Black&White (.PDF 406kb)
                          Course Outline (.PDF 366kb)

             Early Bird Deadline          CGBP                              

WEDNESDAY & THURSDAY, SEPTEMBER 8 & 9, 2021 * 1:30PM TO 4:45PM * via zoom logo

Consultants charge a lot of money to help organizations prepare their privacy impact assessments as part of their data privacy compliance requirement. Take advantage of this training opportunity to learn it for yourself and your organization!

This is to enable you or Personal Information Controllers (all those who set the policies) and Processors (all those who collect, process and file information) to conduct privacy impact assessment of your filing system, information system, automated system, and technology platform that are involved in the processing of personal data as required by the National Privacy Commission based on Advisory No. 2017-03.

Attendees of this training will be provided with the best practices methodology to identify, analyze, evaluate, remedy and report the threats and vulnerabilities associated with the violation of data privacy and information security. Once you have completed this task, you are ready to move on to develop your Data Privacy Management System and Manual.
Course Director & Lecturer:

John Macasio
is the trainer and consultant at the Information and Communications Technology Literacy and Competency Development Bureau of the Department of Information and Communications Technology.

He has recently done capability building of management and workforce on privacy impact assessment and privacy and security management manual with the following organizations among many others:

   1. Department of Finance and some of its attached agency
   2. Department of Information and Communications Technology
      – ILCD Regional Cluster
   3. National Police Commission
   4. Department of Agriculture Fish Port Authority

He co-authored the United Nations ESCAP/APCICT published guidance on ICT Project Management – Theory and Application. The academy module has been introduced and translated in six (6) countries.
Who Should Attend:
    1. Personal Information Controller
     (Business Owners, CEOs/ COOs,
     GMs, Administrators, Policy and
     Decision Makers)
   2. Personal Information Processor
     (HR Leaders, Business Managers,
     Sales People, Record Keepers,
     Registrars, etc.)
   3. Data Protection Officer
   4. Compliance Officer for Privacy
   5. Those in outsourcing business
   6. Business Consultants

Limited Slots Only, Pre-Registration Required

*Training investment inclusive of an e-certificate and a printed learning material

  P 4,580 (when you register and pay
               on or before Aug 8)
  P 5,580 (when you register and pay
                after Aug 8)

*Optional: Add P450 for a printed copy of a certificate of attendance inclusive of delivery charge


   Contact Person: Aiza Cuenca
   Telephone: (+632) 8556-8968 or 69
   Telefax: (+632) 8842-7148 or 59


WEDNESDAY & THURSDAY, SEPTEMBER 8 & 9, 2021 * 1:30PM TO 4:45PM * via zoom logo

Training: Privacy Impact Assessment Methodology


The Personal Information Controller or Processor of a business organization or government agency is any person or entity who gives instruction or executes agreement to process personal information in the business filing system and digital services of the organization. They are legally obligated to make sure that data processing instruction and execution are compliant with data privacy rules and regulations, issuances of National Privacy Commission and recognized international standards of protecting the privacy and security of personal data.

The National Privacy Commission’s Advisory 2017-01 – Designation of Data Protection Officer, has specified the mandated requirement for the “conduct of Privacy Impact Assessment relative to activities, measures, project, programs or system of the Personal Information Controller or Processor.”

The National Privacy Commission’s Circular-01 -Security of Personal Data in Government Agencies, obligates the Head of Agency to “conduct Privacy Impact Assessment for each program, process or measure within the agency that involves personal data. And to create privacy and data protection policies, taking into account the privacy impact assessment.”

The conduct of Privacy Impact Assessment, according to National Privacy Commission’s Advisory 2017-03, has to be guided with agreed best practice standards like ISO 29134, and in accordance with the prescribed NPC guidelines for the conduct of a Privacy Impact Assessment.

The six hours (2 sessions of 3 hours each) online training on Privacy Impact Assessment Methodology is designed to quickly and easily enable the designated person or entity to perform the tasks of identifying, analyzing, evaluating and mitigating the impact of the organization’s business processes and information system, or automation programs to data privacy rights, processing principles, and security measures of R.A. 10173 – Data Privacy Act of 2012. The learning process involves the use of published regulation and commonly used global standards on data privacy and protection, and appropriate assessment templates to communicate data privacy and protection level of regulatory compliance and potential risks.

The targeted participants of the training on Privacy Impact Assessment Methodology are people who directly manage the processing personal of personal information; who provide the information processing system; and who gives instruction on personal data processing requirement of the business enterprise or government agency.

Training Objectives

At the end of the training the participants achieve the following knowledge and ability:

1. To determine, describe, document and demonstrate the Privacy Impact Assessment policy, process and practices
2. To perform valid, verifiable, acceptable and actionable conformity test of the business process,
     information system and automation program to the mandated requirements for data privacy and protection
3. To accomplish the Privacy Impact Assessment reporting template with clear, coherent, complete and consistent
     input of the identified, analyzed, and evaluated data privacy and information security risks in the organization’s
     business process, information system and automated program of handling personal data.

Training Program

Learning Session Learning Topic Training Duration Training Output
Session 1 Privacy Impact Assessment Policy, Process and Practices 1 hour Requirement Checklist, Risk Assessment Procedures and Documentation Templates
Session 2 Personal Information Processing Data Privacy Rights Conformity Test 1 hour Privacy rights compliance report of the assessed business process, system or automation
Session 3 Personal Information Processing Privacy Principles Conformity Test 1 hour Privacy principles compliance report of the data processing system
Learning Session Learning Topic Training Duration Training Output
Session 4 Personal Information Security Measures Conformity Test 1 hour Information security measures compliance report of the personal data processing organization
Session 5 Data Privacy Violation Risks Assessment 1 hour Data privacy risks map
Session 6 Privacy Impact Assessment Report Template 1 hour Accomplished privacy impact assessment report template




Tuesday & Wednesday, June 15 & 16, 2021 * 1:30PM TO 4:45PM * via zoom logo


The Center for Global Best Practices also provides in-house training and offers professional consulting service to help organizations comply with the mandated requirement of the National Privacy Commission.

Contact details for your training or consulting requirement/s:
(+63 2) 8842-7148 or 59
(+63 2) 8556-8968 or 69


*Training investment is inclusive of an e-certificate and a printed learning material

      P 4,580 (when you register and pay on or before August 8)
      P 5,580 (when you register and pay after August 8)

*Optional: Add P450 for a printed copy of a certificate of attendance inclusive of delivery charge

Share |
Download: Flyer - Black&White (.PDF 406kb)
                          Course Outline (.PDF 366kb)