ASSESS RISKS WITHIN A DEFINED FUNCTIONAL AREA, AND DEVELOP COUNTERMEASURES AND CONTINGENCY PLANS

Course Overview

Learners will learn how to assess current and potential risks within a functional area, and develop risk countermeasures and contingency plans.

Course Objectives

You will have knowledge of the following:

• Risk identification and assessment techniques for business processes, third party/ service vendors, and processing of personal data electronically
• Risk assessment report development
• Complex or advanced methods to manage risks and safeguard stakeholders interests
• Implementation considerations and rationale for risk management processes
• Data protection risk assessment in relation to DP provisions
• Data protection risk assessment in relation to business processes when processing personal data throughout the data lifecycle (from collection, storage, use, disclosure, disposal and archival), including DPIA
• Data protection risk assessment in relation to data intermediaries in areas such as contracts and vendor performance management
• Data protection risk assessment in relation to electronic processing of personal data including data security, cloud technology, anonymisation, IT system/website
• Data protection risk

You will be able to perform the following:

• Institutionalise DP risk management as part of organisation-level risk management approach
• Establish baseline of vulnerabilities, gaps and exposures to data protection related risks
• Develop implementation plan for organisation-wide personal data protection risk management processes and procedures
• Determine need to conduct a DPIA
• Manage existing and potential DP risks associated with technology
• Manage existing and potential DP risks arising from data sharing
• Coordinate with relevant department to mitigate contractual and technological risks arising from data protection

Pre-requisites

1. Learner has attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent

2. Learners are assumed to be able to:

• Understand relevant organisational strategies, objectives, culture, policies, processes and products/services
• Have information gathering skills to gather and collate necessary data
• Have analytical skills to assess policies and procedures
• Have business writing skills to prepare management report
• Have interpersonal and communication skills to interact with relevant stakeholders
• Have facilitation skills to ask the right questions to elicit necessary information
• Be aware of compliance requirements of organisation

Hardware & Software

This course will be conducted as a Virtual Live Class (VLC) via Zoom platform. Participants must own a zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. This can be downloaded from https://zoom.us/download

System Requirement

Must Have: Please ensure that your computer or laptop meets the following requirements. Operating system: Windows 10 or MacOS (64 bit or above) Processor/CPU: 1.8 GHz, 2-core Intel Core i3 or higher Minimum 20 GB hard disk space. Minimum 8 Gb RAM Webcam (The camera must be turned on for the duration of the class) Microphone Internet Connection: Wired or Wireless broadband Latest version of Zoom software to be installed on computer or laptop prior to the class. Good to Have: Wired internet connection Wired internet will provide you with stable and reliable connection. Dual monitors Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor. Not Recommended: Using tablets is not recommended due to their smaller screen size, which could cause eye strain and discomfort over the course of the program's duration.

Course Outline

Risk of non-compliance with the following obligations under PDPA:

• Consent obligation
• Notification obligation
• Purpose limitation obligation
• Accuracy obligation
• Retention limitation obligation
• Protection obligation
• Access and correction obligation
• Transfer limitation obligation
• Openness obligation
• DNC provisions

Risks relating to business processes

• Developing a Data Inventory Map
• Identify relevant activities
• Examination of issues concerning activities

Risks relating to data intermediaries/third parties/service vendors

Risks relating to electronic processing of personal data

Risks relating to data sharing

Develop risk assessment report

• Content of report

Managing risks with third parties/vendors/data intermediaries

• Conduct due diligence
• Monitor activities and performance
• Managing contracts

Developing a DPIA

• Assessing need
• Stakeholders
• Substantive considerations
• Identifying personal data and personal data protection flows
• Identify and assess risks
• Create action plan
• Implementation of action plan

Additional Details

Price

Course Fee
		Individual Sponsored Trainee		Company Sponsored Trainee
		before GST	with GST	before GST	with GST
Full Course Fee		$1,400.00	$1,526.00	$1,400.00	$1,526.00

Remarks

Union Training Assistance Programme (UTAP)
NTUC members enjoy UTAP* benefit of up to $250 each year when you sign up for courses with NTUC LearningHub

* UTAP supports 50% of the course fees paid cap at $250 per year. You must be a union member throughout the course duration and at the time of claim. You must achieve a minimum of 75% attendance for each application and have sat for all prescribed examinations. Other terms and conditions apply.

Terms & Conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees.