With the passing of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) in which all companies who have past & present EU resident’s data, will be required to implement business processes and technical solutions to meet the GDPR mandates which includes complete removal of all traces of an individual' identify from the company's systems if requested. Companies will need to comply or be subject of fines of 4% of annual revenues. . This regulation not only impacts EU companies but all companies worldwide whose customers and employees reside in the EU.
This GDPR seminar has been restructured to provide attendees a consolidated view of how to implement, assess and audit the project . This seminar is intended to provide attendees the base level knowledge required to (1) conduct a “point-in-time” Assessment to provide a basis to determine the current stage of GDPR compliance and identify the remaining project initiatives, (2) manage the implementation of the GDPR project, and (3) conduct a GDPR Pre-Implementation Audit. Audit Serve has completed three GDPR Impact Analysis of organizations who are both Controllers and Processors and provides ongoing GDPR advisory services to these organizations. The experiences from these completed consulting projects along with its current GDPR project of performing all aspects of the GDPR Implementation for a multi-national Controller have been incorporated into this seminar.
The seminar for mid-level IT (including GDPR project managers), GRC and audit professionals but would also be highly invaluable for Senior Management who need to understand the scope of this project and how it impacts their organizations
Day 1: 8:00am-4:00pm (Please arrive at 7:30am for registration) - Room 120
Day 2: 8:00am-4:00pm. Room 120
I. Introduction to General Data Protection Regulation
II. Performing a GDPR Pre-Implementation Review/Audits
III. Performing a GDPR Project Assessment
IV. Understanding the Regulations, Implementation Assessment and Audit Approaches
V. Global Project Initiatives
VI. Conducting the GDPR Audit
Mitchell Levine, CISA is the founder of Audit Serve, Inc. which was established in 1990. For the last 26 years at Audit Serve, Mitch has split his time between traditional IT & Integrated Audit Consulting projects and global project initiatives. For the past 18 months Mitch has been focusing most of his time on the GDPR project in which he has presented his GDPR seminar four times in the last 9 months in which three of these presentations occurred in Europe. He has completed GDPR Impact Analysis & Assessment projects for three separate organizations and is currently on a long-term engagement for one large international organization mapping all of their business processes that utilize personal data and linking them to delivery packages that will be the basis for responding to Subject Access Requests (SARs) that all organizations in-scope for GDPR will be requested to provide starting May 25, 2018
All Students: Please arrive at 7:30am on the first day for registration.
ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.
Parking: The GMU Arlington Campus is 2 blocks from the Virginia Square/GMU Metro station (Orange Line). Campus parking is limited. Some visitor parking is available in the Founders Hall parking garage. Best entry point is off of Kirkwood Rd, between Washington Blvd and Fairfax Dr. http://parking.gmu.edu/arlingtoncampusparking.html
Conference and seminar presentations are posted to the Presentations Library when permission is received from the presenter and their organization. In some cases, permission is not received.
Earn up to 14 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.
CPE's will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day to receive full CPE credit.