The Board of directors and Senior Management need clear, reliable information and updates from multiple corporate functions including Legal, HR, IT, Procurement, Customer Services and Marketing to help them to comply with the Governance, Accountability and Proportionality (GAP) principles of GDPR. The Executive seminar will guide, improve and facilitate establishing a dialogue between all stakeholders needed to engage in executing their responsibilities with transparent and well-documented procedures that genuinely embed Data Protection, Data Privacy and Cybersecurity to lessen the risk of incurring hefty penalties for non-compliance and reputational damage.
  • I found the course very enlightening, interesting and useful in better understanding the merits of the law, which has taken shape across multiple jurisdictions.

    More importantly, I appreciate how you were able to hold our attention throughout the three days, making what could be a very dry subject extremely interesting.

    FP Accuris

  • Rosalind Griffie, Lawyer NYC, USA


    Seminar Learning  Objectives - Masterfully Delivered

    Scope and Sequence of Course Materials - Clear, Concise & Delivered as Stipulated

    The Tone of the Learning Environment - Laid Back yet Professional and Comfortable


    Mr Kersi, while it is true that you may have conquered the beast, it was I who received the grand prize--the elephant's tusks!!!

    Rosalind Griffie, Lawyer NYC, USA
  • Thank you for a great week! I really enjoyed the GDPR seminar and have come away with a lot of invaluable GDPR knowledge.
  • Was the event better than what you expected, worse than what you expected, or about what you expected: I wasn't sure what to expect in advance of arriving, and it exceeded my expectations
  • Did the presenters allow time for discussions? Plenty of time was allowed for discussion, we were able to cover in detail those areas that we were particularly interested in.
  • Did the presentations meet your expectation? The presentations very very detailed, we covered a lot of content in 3 days.
  • How structured was the information presented at the event? The information presented was well structured. We were given the opportunity to add in additional workshops and to tailor the schedule to focus on areas of importance to us
  • Do you believe that your professional skills have improved based on the information/training? I have a more in-depth knowledge of the GDPR Articles, but more importantly a greater understanding of those areas of data privacy compliance that our Company should be focusing on going forward.
  • How useful was the information presented at the event to you or your company? Information provided both by the presentations and the knowledge of the presenter were relevant to our Company and resonated well with our GDPR project team.

GDPR, Data Privacy, IT-Security, Cyber-Security Tone at the top

Without executive sponsorship, GDPR programs are likely to become compliance tick-box programs, will not change how people behave, and the implementation is expected to fail.

By virtue of its scope, GDPR and cyber security is a highly distributed venture that involves legal, marketing, HR, procurement, customer support, analytics, operations, R&D, and M&A. Therefore, it is apparent that unless there is executive sponsorship, a GDPR program with the related components of privacy, IT and Cyber security will not reach deep into the organisation to be embedded, effective and integrated. Executive sponsorship ensures that the necessary change management processes, awareness and training programs will get properly funded, adequately deployed, and have the required ongoing attention for business as usual inclusion and not as a supplement.

Some surveys have found that less than a third of boards and senior management participate directly in a review of IT security and privacy risks. Without a solid understanding of these IT, data and cyber threats, boards and senior management are not well-positioned to exercise their oversight responsibilities for data protection and privacy matters as GDPR mandates.
lightbulb (1)
GDPR Essentials
  • Introduction to privacy and data protection
  • GDPR legal basics: cases and examples, principles, penalties, responsibilities of data processor and controller, privacy by design and default
  • A complete review of a GDPR implementation methodology as a workshop
  • Gap analysis for implementation: readiness assessment, and differences
  • Data protection authorities: objectives, notifications, local regulation and enforcement
  • Q&A session + giveaway: a compendium on the GDPR issues
GDPR in Practice
  • The "GDPR Institute Roadmap": steps and tips for implementation, conducting data mapping, setting the project governance
  • Privacy program: risk-based approach, design and build, privacy in HR, Marketing, IT, legal, Logistics and Procurement departments
  • Transfers of personal data: to third countries, third parties and the cloud, binding corporate rules, standard contractual clauses; bid data and analytics, options and solutions
  • Codes of conduct and certification mechanisms
  • Executive role: day-to-day activities, responsibilities, cross-organisational actions, interactions with upper management, IT, audit, legal, compliance and risk management
  • Privacy impact assessment, the PIA "GDPR Institute Roadmap", need, timing, process, internal/external consultation, flows, standard risks, approvals and communication
  • Q&A session + giveaway: policy templates
IT Security and Privacy Programs in Practice
  • Privacy control accountability framework
  • Data privacy audits and monitoring: e-discovery, data audits, activity tracking
  • Privacy awareness training: examples of initiatives
  • Data subjects’ rights in practice: dealing with requests and complaints
  • Incidence response: contingency plan for a data breach: responding to investigations
  • Scenario based-case for a data breach
  • Standard privacy controls: good practices, sources of risks, protecting information assets, encrypting, anonymising, reducing soft and hardware vulnerabilities, evaluating privacy solutions and tools
  • Business case: practical exercise to demonstrate compliance with the GDPR
  • Q&A session + giveaway: templates and bibliographic references
  • Exam 50 questions (multiple choice)


There is no single owner for developing a GDPR program

GDPR mandates a host of corporate policies and mission statements on data- privacy and protection and the right tone at the top will guarantee enforcement across the business and organisation. The proper involvement of senior management is also required to comply with Article 5 of the GDPR that requires the data controllers to demonstrate how they comply with the accountability principles. Another GDPR article 83 talks about intentional or negligent violations that is more about certifying than guaranteeing compliance to GDPR and cyber security.

With the right corporate involvement, GDPR can be rolled out as a framework that can build a culture of privacy that pervades the entire organisation. The tone can then trickle down and throughout the organisation with the right message and take ownership of ensuring understanding and use of policies as standard operating procedures. Technology cannot cover gap detection, escalation and mitigation, and disciplinary activities. The entire staff needs the training to understand what is acceptable and unacceptable within the parameters of the corporate data-privacy culture.

The correct data privacy culture will then reduce the risk of data breaches and sanctions that cause reputational damage. The burden of ensuring that GDPR and cybersecurity is handled cost-effectively, consistently, and safely is a management responsibility to get the people involved and preventing the staff from falling back on old habits and bad behaviour with the management teams and business process owners with an auditable trail of evidence and actions to ensure Governance, Risk Management, Compliance and IT Security.
lightbulb (1)

Our Methodology

  • Complete GDPR lifecycle and implementation methodology
  • Holistic approach: HR, legal, IT, Procurement, Marketing, Management
  • Based on real business scenarios and practical experiences
  • Option to customise the sessions with a focus on required GDPR and IT Security issues
  • We provide tools, templates and policies for uniform implementation

The EUGDPR Institute Executive Professional Certification Training & Examination

The certification is offered in cooperation with our partners for consultants, managers and administrators in the field of GDPR, Data Privacy and Protection.

Individuals wishing to obtain The EUGDPR Institute professional certificate must:
  • Study the course materials provided when registration is accepted.
  • Complete classroom training certification.

The GDPR executive seminar will give participants the opportunity to get complete guidance, ask questions and group discussions on relevant and key GDPR and IT Security issues. The examination consists of a multiple-choice test covering a broad range of relevant GDPR knowledge and topics that are dealt with, in this advanced GDPR executive training course.