Full program description
Provide timely updates for Data Breach Management
Learners will understand basic data classification and risk assessment techniques so as to
enable them to identify, assess and address personal data protection risks. At the end of the
course, learners is able to identify and resolve risks in relation to data protection and DNC
provisions, business processes and data intermediaries. Learners will also learn how to conduct
a Data Protection Impact Assessment.
Who Should Attend
Targetted at Data Protection Executives, or team members assisting Data Protection Officers.
2 Days/16 hours
Potential personal data breaches impacting business or IT
- Malicious activities
- Human error
- Computer system error
Managing personal data breaches using the CARE principle
- Containing the Breach
- Assessing the Risks and Impact
- Reporting the Breach
- Evaluate the Response
Reporting process and incident response in connection with compliance with PDPA
- Document observations in incident record log of incidents
- Post breach response
- Reporting breach internally
- Reporting breach to PDPC
- Reporting breach to affected individuals
Personal data breach recovery processes, action steps and options
- Test personal data breach response plan
- Implement personal data breach activities according to data breach management plan
- Implement and track recommendations to mitigate future breaches
- Guide to Managing Data Breaches 2.0
- Guide to Active Enforcement
- Guide to Developing a Data Protection Management Programme
Mode of Assessment
Learners will be required to undergo assessment, consisting of a written test and oral
questioning. Both will be conducted in the classroom
Learners will have knowledge of the following:
- Potential personal data breaches or incidents impacting business / IT processes or services.
- Personal data breach recovery processes, action steps and options.
- Reporting process and incident response in connection with compliance with the PDPA.
- PDPCs Guide to Managing Data Breaches 2.0.
Learners will be able to perform the following:
- Prepare data breach notifications to inform individuals and report to PDPC in the event of a personal data breach incident
- Test personal data breach response plan and conduct possible breach sceanarios to validate process
- Implement personal data breach activities as per data breach management plan
- Monitor outcomes of the personal data protection breach management plan against key performance benchmarks
- Implement and track recommendations made to mitigate future breach incidents
- Document observations and actions in incident record log
1. Learner has attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent
2. Learners are assumed to be able to:
- Understand relevant organisational strategies, objectives, culture, policies, processes and products / services;
- Have information gathering skills to gather and collate necessary data;
- Have analytical skills to assess policies and procedures;
- Have business writing skills to prepare management report;
- Have interpersonal and communication skills to interact with relevant stakeholders;
- Have facilitation skills to ask the right questions to elicit necessary information; and
- Be aware of compliance requirements of organisation.
Price to be advised.