Skip To Content
Conduct audits, analyse results and implement changes to address gaps is a Program

Conduct audits, analyse results and implement changes to address gaps


Sorry! The enrollment period is currently closed. Please check back soon.

Full program description

Conduct audits, analyse results and implement changes to address gaps

Course Overview

You will be able to conduct audits, analyse results and implement changes to address identified gaps. You will also be able to utilise checklist to provide evidence of data protection policies and processes are implemented and practiced on the ground.

Who Should Attend

Targetted at Data Protection Executives, or team members assisting Data Protection Officers.

Course Duration

2 Days/16 hours

Course Outline

Role of audit in legal compliance lifecycle

Key obligations under the data protection obligations

  • Identification of non-compliance
  • Evidence of risk and non-compliance

Methodology and tools for conduct of audit activities

1)  Pre audit activities

  • Appointing audit team leader
  • Determine audit objectives and scope
  • Arranging audit team
  • Contact with auditee

2)  Review of documents

  • Review relevant audit documents to determine adequacy with respect to audit criteria

3)  Preparing for the onsite audit activities

  • Establishing the audit plan
  • Assigning audit areas to audit team
  • Preparing work document

4)  Conducting on-site audit activities

  • Opening meeting
  • Interaction and communication during audit
  • Collecting and verifying audit evidence
  • Documenting audit finding
  • Initial review for audit conclusions
  • Closing meeting

5)  Preparing audit report

  • Preparing report
  • Distributing audit report

Interpretation and analysis of audit results

Data Protection Trust Mark Certification

  • Processes and requirements


  • Guide to Developing a Data Protection Management Programme
  • PDPA Assessment Tool for Organisations
  • DPTM Information Kit
  • DPTM Checklist

Mode of Assessment

You will be required to undergo assessment, consisting of a written test and oral questioning. Both will be conducted in the classroom.

Course Objectives

You will have knowledge of the following:

  • Methodologies and tools for the conduct of audit activities
  • Interpretation and analysis of audit results
  • Identification of non-compliance
  • Key obligations under the Data Protection Provision of the PDPA.
  • DPTM Certification process and requirements, including resources (e.g. DPTM Information Kit, DPTM Checklist)

You will be able to perform the following:

  • Conduct DP audit activities in line with the organisations compliance processes and guidelines, using appropriate methodologies and tools
  • Analyse DP audit results and highlight identified process gaps or key instances of noncompliance
  • Propose improvements to existing DP compliance processes and measures to address major risks
  • Implement changes in performance of audits in alignment with changes in internal compliance standards or external regulatory guidelines
  • Conduct internal audits to monitor and evaluate the implementation of DP policies and processes
  • Map the organisations Data Protection Framework to the relevant certification requirements in terms of the principles and assessment criteria
  • Identify the gaps to meet the certification requirements and processes that will be improved by the application of new/emerging standards of certification
  • Document the change impact on policies and corresponding procedures with the adoption of standards and certification across the organisation
  • Coordinate with internal and external stakeholders to project manage on-site verification of the organisations policies, processes and practices for data protection


1. Learner has attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent

2. Learners are assumed to be able to:

  • Understand relevant organisational strategies, objectives, culture, policies, processes and products / services
  • Have information gathering skills to gather and collate necessary data
  • Have analytical skills to assess policies and procedures
  • Have business writing skills to prepare management report
  • Have interpersonal and communication skills to interact with relevant stakeholders
  • Have facilitation skills to ask the right questions to elicit necessary information
  • Be aware of compliance requirements of organisation


Price to be advised.