Skip To Content
Design a data breach management plan is a Program

Design a data breach management plan

Self-paced

Sorry! The enrollment period is currently closed. Please check back soon.

Full program description

Design a data breach management plan

Course Overview

Learners will understand basic data classification and risk assessment techniques so as to

enable them to identify, assess and address personal data protection risks. At the end of the

course, learners is able to identify and resolve risks in relation to data protection and DNC

provisions, business processes and data intermediaries. Learners will also learn how to conduct

a Data Protection Impact Assessment.

Who Should Attend

  • Targetted at Data Protection Officers
  • Staff who formulate and review data protection policies
  • Staff who develop data protection management programmes

Course Duration

2 Days/16 hours

Course Outline

Trends in personal data breaches or incidents

  • Global trends
  • Trend in Singapore

Requirements gathering for development of a data breach management response plan

  • Data Inventory Map
  • Data Flow Diagram
  • Risk assessment report

Components of data breach management and response plan

  • Defining what constitutes data breach
  • Reporting of breach internally
  • Data breach management team
  • Roles of team members

Responding to a data breach

  • Containing the breach
  • Assessing the breach
  • Investigating root cause of data breach

Reporting the breach

  • Requirements of reports
  • Document observations in incident record log of incidents
  • Post breach response
  • Requirements for reporting breach internally
  • Requirements for reporting breach to PDPC
  • Requirements for reporting breach to affected individuals

Evaluating response and consider actions to prevent future breaches

  • Recommending process enhancements or system changes
  • Developing Checklists

Personal data breach recovery processes, action steps and options

  • Test personal data breach response plan
  • Implement personal data breach activities according to data breach management plan
  • Implement and track recommendations to mitigate future breaches

Reference:

  • Guide to Managing Data Breaches 2.0
  • Guide to Active Enforcement
  • Guide to Developing a Data Protection Management Programme

Mode of Assessment

You will be required to undergo assessment, consisting of a written test and oral questioning. Both will be conducted in the classroom.

Course Objectives

You will have knowledge of the following:

  • Trends in personal data breaches or incidents that may impact business / IT processes or serivces
  • Requirements gathering for development of a data breach management response plan
  • Components of a data breach management and response plan

You will be able to perform the following:

  • Develop a data breach management plan
  • Set up a breach management response team
  • Establish process to respond data breaches using the CARE framework
  • Oversee testing of personal data breach response process
  • Investigate root cause of personal data breach and assess impact arising from breach incident
  • Report personal data protection breach to senior management/ PDPC
  • Review data breach management response plan and recommend process enhancements

Pre-requisites

1. Learner has attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent

2. Learners are assumed to be able to:

  • Understand relevant organisational strategies, objectives, culture, policies, processes and products / services
  • Have information gathering skills to gather and collate necessary data
  • Have analytical skills to assess policies and procedures
  • Have business writing skills to prepare management report
  • Have interpersonal and communication skills to interact with relevant stakeholders
  • Have facilitation skills to ask the right questions to elicit necessary information
  • Be aware of compliance requirements of organisation

Price

Price to be advised.

DBML2