The course is aimed at organizations with many systems, stakeholders and complex structures.

The course reviews the elements in an inventory relative to GDPR. What should be described, how should it be described, and how to ensure a consistent structure in the descriptions.

The purpose of this seminar is to provide all participants with the knowledge on the data mapping exercises and how to develop a data flow, inventory, and resource (locations) map (“data map”) for each separate data privacy lifecycle. Based on the data inventory participants will be able to: a) identifying what personal information (“personal data”) b) how it is collected, used, shared, stored and disposed; c) classifying the different levels of data sensitivity d) the special GDPR requirements for Marketing, Human Resources, mobile apps, websites, etc. e) The different data privacy lifecycles on (data collection, processing, locations, etc.)

During the seminar, we will conduct a workshop as a formalised, but a repeatable process on how to a) compose each data resource (data location); b) identify the data that is transferred across what international borders, c) assign resource ownership, a custodian to provide governance support. Participants will get complete knowledge on data flows, inventory and supplies to enable them to recommend appropriate improvements in controls better and assist in identifying risks, threats and current vulnerabilities when they return to their area of responsibilities.

Who should attend this workshop

  • Internal Audit Managers and Staff
  • IT Security Officers
  • Information Security Managers
  • Data Controllers
  • Data Processors
  • Legal Counsel
  • IT Analysts/IT Auditors
  • IT and Data Consultants and project managers involved in data protection, information security or cyber security issues
  • IT and Data Consultants and project managers that participate in GDPR projects.
  • Individuals with some IT experience who want to qualify on GDPR issues.

The Seminar includes:

  • Professional training venue with breakfast, lunch and refreshments.
  • Comprehensive documentation (English) (as digital copy. PDF file optional).
  • Certificate of attendance
  • Certification after on line exam with multiple choice questions


Kersi F. Porbunderwalla

President and CEO

Is the President and CEO of The EUGDPR Institute and Secretary-General of Copenhagen Compliance®. He functions as an advisor, teacher, instructor, researcher, commentator and practitioner on Data Protection and Data Privacy, Governance, Risk Management, Compliance and IT security (GRC), Bribery, Fraud and Corruption (BFC) and Corporate Social/Stakeholder Responsibility (CSR) issues.