Course Overview

This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs in all processes of ICT systems and services, through the use of best practices.

The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information
technology.

Who Should Attend

• Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy
  Framework
• Security auditors who wish to fully understand the Privacy Framework implementation process
• Experienced IT security management professionals
• IT security professionals interested in earning Privacy Management Framework certification
• Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
• Security professionals with front-line experience
• Information security staff
• Expert advisors in information technology
• Persons and organizations involved in tasks where privacy controls are required for the processing of PII

Learning Objectives

• To understand the core competences on Privacy Framework
• To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the
  effective protection of personally identifiable information (PII)
• To define privacy safeguarding requirements related to PII within an ICT environment
• To understand the relationship between the components of Privacy Framework with existing security standards and various
  applicable laws
• To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
• To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
• To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best
  practices
• To improve the capacity for analysis of privacy incident management

Course Contents 

Introduction to Privacy Framework concepts as recommended by ISO 29100

▶ Privacy Framework based on ISO 29100 and regulatory framework
▶ Fundamental Principles of Privacy
▶ Privacy Legislation US & Europe
▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶ Initiating the Privacy Framework implementation

Planning the implementation of the Privacy Framework

▶ Preliminary analysis of Existing Controls
▶ Leadership and approval of the Privacy Framework project
▶ Defining the scope of a Privacy Framework
▶ Development of a Privacy policy
▶ Selection of the approach and methodology for risk assessment
▶ Control Statement and management decision to implement the Privacy Framework
▶ Definition of the organizational structure of Privacy

Implementing a Privacy Framework

▶ Implementation of a document management framework
▶ Design of controls and writing procedures and specific policies
▶ Implementation of privacy controls
▶ Development of a training & awareness program and communicating about the privacy
▶ Incident management
▶ Operations Management

Privacy Framework measurement and continuous improvement

▶ Monitoring, Measurement, Analysis and Evaluation
▶ Internal Audit
▶ Management Review
▶ Treatment of problems and points of concern
▶ Continual improvement
▶ Competence and evaluation of implementers

Certification Exam

 Training Info

Language : Conducted in Thai Language
Duration : 5 Days
Date :  Jun 19 – 23, 2023
Time : 9.30 am. – 16.30 pm.
Venue : ACinfotec Training Center
Price : THB 51,500 (Excluding 7% VAT)
Contact : T 02 670 8980-3 ext.304, 305
E [email protected]

www.pecb.com