RML2: ASSESS RISKS WITHIN A DEFINED FUNCTIONAL AREA, AND DEVELOP COUNTERMEASURES AND CONTINGENCY PLANS
ASSESS RISKS WITHIN A DEFINED FUNCTIONAL AREA, AND DEVELOP COUNTERMEASURES AND CONTINGENCY PLANS
Course Duration
Mode of Assessment
Learners will be required to undergo assessment, consisting of a written test and oral questioning. Both will be conducted in the classroom.
Who Should Attend
- Data Protection Officers
- Staff who formulate and review data protection policies
- Staff who develop data protection management programmes
Course Overview
Learners will learn how to assess current and potential risks within a functional area, and develop risk countermeasures and contingency plans.
Courses Schedule
Next available schedule
Course Objectives
You will have knowledge of the following:
- Risk identification and assessment techniques for business processes, third party/ service vendors, and processing of personal data electronically
- Risk assessment report development
- Complex or advanced methods to manage risks and safeguard stakeholders interests
- Implementation considerations and rationale for risk management processes
- Data protection risk assessment in relation to DP provisions
- Data protection risk assessment in relation to business processes when processing personal data throughout the data lifecycle (from collection, storage, use, disclosure, disposal and archival), including DPIA
- Data protection risk assessment in relation to data intermediaries in areas such as contracts and vendor performance management
- Data protection risk assessment in relation to electronic processing of personal data including data security, cloud technology, anonymisation, IT system/website
- Data protection risk
You will be able to perform the following:
- Institutionalise DP risk management as part of organisation-level risk management approach
- Establish baseline of vulnerabilities, gaps and exposures to data protection related risks
- Develop implementation plan for organisation-wide personal data protection risk management processes and procedures
- Determine need to conduct a DPIA
- Manage existing and potential DP risks associated with technology
- Manage existing and potential DP risks arising from data sharing
- Coordinate with relevant department to mitigate contractual and technological risks arising from data protection
Pre-requisites
1. Learner has attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent
2. Learners are assumed to be able to:
- Understand relevant organisational strategies, objectives, culture, policies, processes and products/services
- Have information gathering skills to gather and collate necessary data
- Have analytical skills to assess policies and procedures
- Have business writing skills to prepare management report
- Have interpersonal and communication skills to interact with relevant stakeholders
- Have facilitation skills to ask the right questions to elicit necessary information
- Be aware of compliance requirements of organisation
Course Outline
Risk of non-compliance with the following obligations under PDPA:
- Consent obligation
- Notification obligation
- Purpose limitation obligation
- Accuracy obligation
- Retention limitation obligation
- Protection obligation
- Access and correction obligation
- Transfer limitation obligation
- Openness obligation
- DNC provisions
Risks relating to business processes
- Developing a Data Inventory Map
- Identify relevant activities
- Examination of issues concerning activities
Risks relating to data intermediaries/third parties/service vendors
Risks relating to electronic processing of personal data
Risks relating to data sharing
Develop risk assessment report
- Content of report
Managing risks with third parties/vendors/data intermediaries
- Conduct due diligence
- Monitor activities and performance
- Managing contracts
Developing a DPIA
- Assessing need
- Stakeholders
- Substantive considerations
- Identifying personal data and personal data protection flows
- Identify and assess risks
- Create action plan
- Implementation of action plan
Fees and Fundings
Price
| Before GST | With GST | |
| Original Course Fee | $760.00 | $813.20 |
| Course Fee after Funding for both Individual and Company Sponsored Candidates 50% e2i Funding capped at $15/hr for Singaporeans and PRs |
$380.00 | $433.20 |
Terms and conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.
Prices are subject to other LHUB miscellaneous fees.
| Batch ID | Course Period | Course Title | Funding Available |
Duration (Hours) |
Session (Hours) |
Venue | Available Seats |
Online Payment |
|---|
What Others Also Enrolled In
FUNDAMENTALS OF THE PERSONAL DATA PROTECTION ACT (2020) (SYNCHRONOUS E-LEARNING)
View detail
DEVELOP AND IMPLEMENT ORGANISATIONAL-LEVEL DATA GOVERNANCE STRATEGY AND STRUCTURE
View detail
DEVELOP AND ENHANCE COMPLIANCE PROCESSES IN BUSINESS OPERATIONS AND DATA PROTECTION REQUIREMENTS
View detail
MONITOR AND ASSESS ORGANISATION’S PERSONAL DATA PROTECTION POLICIES AND PRACTICES
View detail.jpg/fbdd7a5c-c36f-27db-e6b1-bd28b7223b12/)
DEVELOP AND IMPLEMENT A DATA PROTECTION MANAGEMENT PROGRAMME (DPMP)
View detail%20(SF).jpg/b1daeb8e-ad07-43b2-028b-09a7db903a0e/)
CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT (CGEIT) (SF) (SYNCHRONOUS E-LEARNING)
View detail
IDENTIFY RISKS ASSOCIATED WITH COLLECTION, USE, DISCLOSURE AND STORAGE OF PERSONAL DATA
View detail
ASSESS RISKS WITHIN A DEFINED FUNCTIONAL AREA, AND DEVELOP COUNTERMEASURES AND CONTINGENCY PLANS
View detail