Privacy and Data Protection Audit Foundation Course

Explore the basics, evolution and fundamental aspect of privacy and data protection. 
Explore the  application of the NITDA data protection regulation, conducting data protection audit and audit report filing.


The course is designed for those who are just trying to get a grasp of the privacy and data protection concept and wants a general background knowledge of data protection laws and regulations, conducting data protection audit


Participants will gain an understanding of: key concepts of privacy and data protection, how to develop audit plan, conducting a data protection audit based on the NITDA regulation and filing the report of a data protection audit.



1 day

IAPP Data Protection

Who Should Attend?

  • Anyone who uses, processes and maintains personal data;
  • Data Protection Officers;
  • Data Protection Lawyers;
  • Record Managers;
  • Information Officers;
  • Compliance Officers;
  • Human Resource Officers.

Privacy and Data Protection Audit Foundation Course

Course outline

Overview of privacy and data protection

Definition of key data protection terms

Principles and obligations

Actors, roles and responsibilities

Distinguishing privacy from security.

Processing sensitive personal data

Processing of data

Definition of processing, principles of processing and legal bases for processing of data.

Legal bases of processing

Establishing appropriate legal basis

Data Protection Audit (Identification & Scoping)

Data mapping, classification and categorization

Data Protection Asset Inventory

Developing Audit Plan

NITDA Data Protection Assessment 

Gap Assessment (NITDA Audit Assessment)

Review of privacy notice & policy, third-party contract, cross border & international transfer of data, 

Implementing framework

Audit Report Documentation

Security assessment (organisation, website, application)