Intro

The EU General Data Protection Regulations (GDPR) has been incorporated into British Law through the new Data Protection Act 2018 and has been enforced since the 25th of May, 2018.

All businesses handle personal data and must ensure that they are aware of the new rules and must examine the processes they currently have in place to ensure they continue to comply with the law.

This GDPR training course will outline your main responsibilities and help you to start making the necessary changes. The biggest changes under the GDPR are in relation to obtaining consent, the right to be forgotten and for some companies the need to appoint a Data Protection Officer (DPO).

Who should take this course?

GDPR Online Staff Awareness Training Course This training is suitable for all staff to ensure consistent awareness of data protection, as part of either induction or annual training. Duration: 30 Minutes.

The Course

• Developed by an experienced Data Protection Officer (DPO)
• Externally assured by APMG International under the NCSC Certified Training
• Accredited training through the Institute of Information Security Professionals (IISP) & evidence for CPD Credits
• A full audio and video voiceover session, with confirmatory questions
• On completion a certificate is provided via pdf

Content

The course is divided into two accessible, interactive modules and includes an assessment at the end of each:

• Aims of the GDPR :- summary of key changes, the Information Commissioner’s Office, changes to data protection law, preparation, sanctions, case studies and cyber security
• Definitions and Principles :- data protection terminology and the principles of data protection
• Processing, Consent and Subject Rights :- how to comply with the law, processing sensitive personal data, performance of a contract, legal obligations, obtaining consent, methods for obtaining consent, right to withdraw consent, consent to transfer data outside the EEA, existing consent and data subject rights
• Data Controller and Processor Obligations :- who is a controller, controller obligations, data security, reporting breaches, processor obligations, cross-border data transfer and further information

Aims of the course

By the end of this course delegates will:

• Understand the purpose of the GDPR
• Be able to explain what information falls under the GDPR
• Have the necessary knowledge to implement GDPR compliant processes
• Know what is expected of firms in regards to data security
• Know what rights Data Subjects have under the GDPR

Assessment

The online assessment is taken in two stages throughout the course, half way through and on completion of the training material. You will be asked 6 multiple choice questions with a pass mark of 60%.

The answers are marked automatically so you will instantly know whether you have passed.

We encourage participants to pay particular attention to the course content. You may wish to pause the video and make your own notes. If you do not achieve the required pass rate, you will need to re-sit the course.

Certification

On successful completion of the course, you will receive a quality assured certificate. This can be used to provide evidence for compliance and audit.

All of our courses are part of the NCSC Certified Training programme and accredited by IISP and CPD credited for Continuous Professional Development (CPD).

This certificate does not have an expiry date. However, based on industry Best Practice Guidelines, the recommended renewal period for this training is 1 year.

We will print this recommended renewal date on your certificate.

Intro

This course is aimed at all staff in an organisation, reflecting that everyone has an individual responsibility for cyber security and this in part requires holistically protecting themselves, friends and family in their personal life.

Course Aim

To develop all staff’s understanding of their role and responsibilities in cyber security at work but also to protect themselves, their friends and family in their private lives.

Objectives

• Understand the main sources of cyber security threats and hazards
• To provide awareness to identify potential danger, both professionally and personally; and
• General do’s and don’ts for all staff, covering countering threat techniques across: physical entry, devices and software, use of WiFi, emails, SMS and telephone calls, and other means of social engineering.

Intro

Sometimes overshadowed by the many data security issues which have arisen within Information
Technology (IT), the threat to our Operational Technology (OT) – our Industrial Control Systems – has
huge significance for all Sectors of Industry. Legislation such as the NIS Regulation 2018 carries strong
penalties and compliance is audited by Government bodies such as the Health and Safety Executive.

Course Aim

To develop all staff’s understanding of their role and responsibilities in cyber security at work but also to protect themselves, their friends and family in their private lives.

The Course

One of the biggest factors in reducing the likelihood of a cyber-attack is re-programming and training the ‘Wetware’ (us). This course is a foundation to set you on a training journey which will be different for each career path and specialisation. Armed with this introduction to cyber security for Operational Technology (OT), you will be better prepared to meet the numerous threats to our industrial processes, and to build upon this foundation to increase your knowledge and experience.

The Content

The course covers the following components:

• Understanding the difference between OT and IT
• Does the worst ever really happen?
• Understanding how segregation can help
• System Hardening
• Understanding and Managing Risk

The course includes a confirmatory quiz. A certificate is available on successful completion and the course counts towards Continuing Professional Development (CPD).

Issue

Data Protection & GDPR for marketing professionals.

Aim

The aim of this Data Protection & GDPR for Marketing Course is to provide delegates with the fundamental knowledge and awareness of the UK’s Data Protection Act 2018 (DPA 2018) and the GDPR and how they apply to marketing.  Including the measures and actions you need to consider for compliance when undertaking marketing.

Learning Outcomes

On completion of the course delegates will be able to;

• • Demonstrate basic understanding of Data Protection principles and data subjects’ rights;

• • How to identify potential data breaches and what to do;

• • Describe the key components of Data Protection & GDPR, with reference to marketing functions;

• • Understand how the Data Protection principles and GDPR can be applied to marketing functions to protect both data subjects and marketing companies; and

• Apply a Data Protection Impact Assessment (DPIA) to a marketing scenario

Outline Data Protection for Marketing Course

Understanding the DPA 2018 and GDPR:

• • When and Where the legislation applies

• • Why the legislation has been introduced

• • What personal data is, especially in the marketing context

• • Who is involved in the legislation

• • How to apply and implement the legislation in the marketing context; and

• Practical Group Exercise: Marketing DPIA Scenario

Participant’s and their parent company’s will benefit from attendance as follows:

• • Awareness understanding of DPA 2018 & GDPR and how it applies to marketing.

• • Practical approach to managing Data Protection & GDPR within marketing functions.

• Evidence of specific competence training in GDPR for Marketing Professionals

Recommended Participants

The course is suitable for any marketing personnel.

Duration

Half-day – 0930-1230

Issue

Aligning regulatory requirements of MiFID II, Data Protection Act 2018 and GDPR.

Aim

The aim of this of MiFID II, Data Protection & GDPR Alignment Awareness Course is to provide delegates with the fundamental knowledge and awareness of the MiFID II, DPA 2018 and GDPR, and how to apply effective governance and risk management, to deliver compliance with the requirements of the Directive and Regulations.

Objectives

Benefits

Participant’s and their parent company’s will benefit from attendance as follows:

• Understanding the relationship between Data Protection & GDPR and MiFID II (members core business).
• Practical GRC approach to aligning Data Protection & GDPR to MiFID II requirements.
• Evidence of specific management competence training in aligning MiFID II, with Data Protection & GDPR.Recommended Participants. The course is suitable for anyone with Governance, Risk Management and Control roles or responsibilities, including but not limited to those who must demonstrate SM&CR competence which overlaps with data protection; plus, legal, Data Protection Officers and staff and IT, security and HR personnel

Duration

One day – 0930-1600

Issue

Understanding cyber risks and developing organisational cyber resilience.

Aim

The aim of this course is to develop the governance, risk management and capability of an organisation so they can become more cyber resilient. Resilience is a relative state, not an absolute state and reflects that absolute security is impossible.  The course covers three themes: governance, risk management and capability.

Learning Outcomes

On completion of the course delegates will be able to: