Professional Training

Explaining Information Security and Data Privacy Risk

FourthLine Learning, In London
2 days
2 days

Course description

Explaining Information Security and Data Privacy Risk

FourthLine’s ‘Explaining Information Security and Data Privacy’ course provides vital employee training on the essential principles, policies and practices that individuals and organisations should use to protect and handle personal and (proprietary) confidential data. The interactive course will provide attendees with the necessary knowledge and skills to minimise the potential impact to an organisation through a breach of security and potentially the privacy of employees, customers and suppliers.

The risks associated with Information Security and Data Privacy can have hugely damaging consequences, and training of employees and the strengthening of controls should be your strongest line of defence. This course will provide you and your employees with the insights and tools needed to identify risks and minimise the threats that can arise from poor information risk management.

Do you work at this organisation and want to update this page?

Is there out-of-date information about your organisation or courses published here? Fill out this form to get in touch with us.

Suitability - Who should attend?

Who should attend:

  • Internal Auditors
  • Finance
  • Marketing
  • HR
  • Legal
  • Customer Services
  • Operations
  • Any professionals who have recently acquired responsibility for, or wish to learn more about Information Security and Data Privacy

Choose this course when:

  • Looking to gain an understanding of Information Security & Privacy risks across your organisation and function.
  • Wanting to learn how to execute a risk assessment within your department/function and how to apply effective risk controls.
  • Needing to demonstrate compliance with Information Security & Privacy standards & regulations.
  • Looking to implement best practice assurance.

Outcome / Qualification etc.

Learning outcomes:

  • Gain an understanding of the history of data privacy regulatory development.
  • Demystify Information Security and Data Privacy concepts
  • Understand the risks that your organisation faces from an Information Security and Data Privacy perspective.
  • Learn how to carry out Information Security risk assessments and define risk appetite
  • Understand where accountability sits and how to demonstrate compliance.
  • Increase your security awareness and identify what needs to be improved to enhance the Information Security and Privacy culture of your organisation

Training Course Content

Day 1

  • Introduction to the Course
    • Why do we need Information Security and Awareness of Information Security?
    • Demystifying Data Privacy and Information Security

  • Risk management techniques
    • Risk register – techniques for capturing risk and risk acceptance and how to manage your budget accordingly
    • How to understand risk appetite and adjust risk controls or mitigations accordingly
    • How to apply effective risk controls to your risk assessment
    • How to conduct risk assessments for Information Security and Privacy

  • Understanding the Technical and organisation controls available to you - into information security, controls and monitoring

  • Data Privacy and Information Security theory and application
    • Data loss prevention
    • Typical risk controls that you could leverage
    • Data mining techniques and record processing
    • Accountability, Governance, Security Policy Regime
    • Practical Cryptography exercise – decode a message

Day 2

  • Remediation compliance and regulatory risk
    • The history of Data Privacy regulatory development
    • Explore the current legal and regulatory regime
    • Examine practical case studies and take a look at the future of data privacy and how it might impact the operating environment

  • Culture, Training & Awareness

  • Data privacy rights, principles and ethics
    • Data protection by design
    • Ethical dilemmas with AI and machine learning
    • Legal aspects, third party applications

  • How to achieve accountability through effective systems of governance, assurance through best practice policies and documentation
    • What should be included in the company’s data privacy notice, cookies policy, security notice
    • Learn what management information you should report to board and senior management
    • Learn how to evidence compliance through effective testing of controls