RML1: IDENTIFY RISKS ASSOCIATED WITH COLLECTION, USE, DISCLOSURE AND STORAGE OF PERSONAL DATA
IDENTIFY RISKS ASSOCIATED WITH COLLECTION, USE, DISCLOSURE AND STORAGE OF PERSONAL DATA
Course Duration
Mode of Assessment
Learners will be required to undergo assessment, consisting of a written test which will be
conducted in the classroom.
Who Should Attend
Targetted at Data Protection Executives, or team members assisting Data Protection Officers.
Course Overview
Learners will understand basic data classification and risk assessment techniques so as to enable them to identify, assess and address personal data protection risks. At the end of the course, learners are able to identify and resolve risks in relation to data protection and DNC provisions, business processes and data intermediaries. Learners will also learn how to conduct a Data Protection Impact Assessment.
Courses Schedule
Next available schedule
Course Objectives
You will have knowledge of the following:
- Basic data classification, data lifecycle, and risk identification and assessment techniques
- Internal protocols, past solutions and widely-known best practices in risk management or prevention with respect to data protection
- Risk management measures and implementation steps
1. Data protection risks in relation to:
2. DP and DNC provisions
3. Business processes
4. Data Intermediaries
5. Electronic processing of Personal Data
- Data Protection Impact Assessment (DPIA) to identify, assess and address personal data protection risks
You will be able to perform the following:
- Identify risks and use SOPs to mitigate risks
- Conduct risk assessment using the DPIA
- Highlight red flags and other key findings in risk assessment report
- Propose processes and actions steps to address risks
- Propose enhancements to risk countermeasures
- Monitor and check compliance to personal data content clauses, contracts and technical/commercial agreements
- Manage contracts with third parties (including data intermediary) for products and services
- Monitor activities and performance of vendors
- Document changes and updates to contracts and agreements
- Monitor the effectiveness of security initiatives
- Identify security risks, threats and vulnerabilities
- Assist users on various techniques that can anonymise personal data
Pre-requisites
1. Learner has attended and is competent for module titled Fundamentals of Personal Data
Protection Act or its equivalent
2. Learners are assumed to be able to:
- Understand relevant organisational strategies, objectives, culture, policies, processes and products/services
- Have information gathering skills to gather and collate necessary data
- Have analytical skills to assess policies and procedures
- Have business writing skills to prepare management report
- Have interpersonal and communication skills to interact with relevant stakeholders
- Have facilitation skills to ask the right questions to elicit necessary information
- Be aware of compliance requirements of organisation
Course Outline
Introduction
- Data classification
- Data lifecycle
- Risk identification and risk assessment techniques
Data protection risks relating to:
- DP and DNC processes
- Business processes
- Data Intermediaries
- Electronic processing of personal data
Risk rating/scoring
Responding to risks
- Risk modification
- Risk retention
- Risk avoidance
- Risk sharing
Data Protection Impact Assessment (DPIA)
- Conduct risk assessment using a DPIA
Managing contracts in compliance with PDPA
- Consent clauses
- Contracts and technical agreements
Managing risks with third parties/vendors/data intermediaries
- Conduct due diligence
- Monitor activities and performance
- Terms of contractual agreements
Fees and Funding
Price
Before GST | With GST | |
Original Course Fee | $760.00 | $813.20 |
Course Fee after Funding for both Individual and Company Sponsored Candidates 50% e2i Funding capped at $15/hr for Singaporeans and PRs |
$380.00 | $433.20 |
Terms and conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.
Prices are subject to other LHUB miscellaneous fees.
Batch ID | Course Period | Course Title | Funding Available |
Duration (Hours) |
Session (Hours) |
Venue | Available Seats |
Online Payment |
---|
What Others Also Enrolled In
FUNDAMENTALS OF THE PERSONAL DATA PROTECTION ACT (2020) (SYNCHRONOUS E-LEARNING)
View detailDEVELOP AND IMPLEMENT ORGANISATIONAL-LEVEL DATA GOVERNANCE STRATEGY AND STRUCTURE
View detailDEVELOP AND ENHANCE COMPLIANCE PROCESSES IN BUSINESS OPERATIONS AND DATA PROTECTION REQUIREMENTS
View detailMONITOR AND ASSESS ORGANISATION’S PERSONAL DATA PROTECTION POLICIES AND PRACTICES
View detailDEVELOP AND IMPLEMENT A DATA PROTECTION MANAGEMENT PROGRAMME (DPMP)
View detailCERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT (CGEIT) (SF) (SYNCHRONOUS E-LEARNING)
View detailIDENTIFY RISKS ASSOCIATED WITH COLLECTION, USE, DISCLOSURE AND STORAGE OF PERSONAL DATA
View detailASSESS RISKS WITHIN A DEFINED FUNCTIONAL AREA, AND DEVELOP COUNTERMEASURES AND CONTINGENCY PLANS
View detail