Upcoming Chapter Events

Below are upcoming chapter conferences, seminars, review courses, and other events.  Prior chapter events can also be viewed.

For information on our event policies, see https://isaca-gwdc.org/event-policies/.

« All Events

  • This event has passed.

NIST Privacy Framework Workshop 2025

October 18, 2025 @ 9:00 am - 5:00 pm EDT
GWDC Members $125, Non-GWDC Members $200

 

 

October 18, 2025
Virtual Event (Teams)
Earn up to 7 CPE
$125 for GWDC Members
$200 for Non-Members

 

 

NIST Privacy Framework Workshop

This intensive one-day virtual workshop, “NIST Privacy Framework,” scheduled for Saturday, October 18th, 2025, will provide participants with a thorough understanding of how to manage privacy risks and protect individual privacy while achieving organizational objectives. The workshop will cover strategies for implementing privacy practices that align with regulatory requirements. Participants will gain valuable insights and practical knowledge to enhance their organization’s privacy management capabilities. The workshop offers 7 Continuing Professional Education (CPE) credits.

Registration closes on October 16 @ 5PM.

Register Today!

 

 

More about the NIST Privacy Framework

The NIST Privacy Framework (PF) is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Visit the NIST website for resources and events related to the NIST Privacy Framework

More about the Framework

 

Event Details

Date and Time

The workshop will be held on October 18, 2025 from 9:00 am to 5:00 pm.

Add this event to your calendar using the Add to Calendar link at the bottom of the page.

 

Virtual Event

The workshop will be held using Microsoft Teams.

Prior to the event, the instructor will email all participants the Teams link for the course along with course materials

 

Pricing

The fee for GWDC Members is $125 for the workshop.
The fee for all other registrants is $200 for the workshop.

To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.

 

Event Policies

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.

 

 

Comments from Prior Workshop Attendees

“It was and is an excellent review of the NIST Privacy Framework 1.0 and how to use it. I also enjoyed listening to the questions of others and the instructor’s answers, and the overall discussion that ensued. It was an excellent use of my time. Also, the cost was reasonable, as a member of the chapter.” – Harvey N

“I thought this was a great class. I liked that active participation was encouraged and i really appreciated that Jim was willing to share so many materials with the class.” – Jessica C

“Jim has an interactive presentation style that goes beyond the slides and brings the course material to life.” -Rich R.

“The presentation slides were very informative and easy to read. Also, the instructor’s continual active engagement of the attendees.” – Nathan P

The instructor was very knowledgeable about the NIST Privacy Framework and offered lots of examples for each module. I feel like I now know and understand the basics and purpose of the NIST Privacy Framework.” – Jacob L.

 

 

Course Outline

Module 0: Course Overview and Introduction

  • Introduction and Course Overview
  • Participant Introductions
  • What is the NIST Privacy Framework?
  • Course Schedule
  • Course Format
  • Learning Objectives
  • Expected Outcomes
  • Student Prerequisites
  • Course Logistics
  • Recap

Module 1: Introduction to Privacy and Risk Management

  • Defining Privacy in the Modern Digital Landscape
  • Challenges in Managing Privacy Risks
  • Enterprise Risk Management Overview
  • The Role of Privacy in Organizational Goals
  • Evolution of Privacy Frameworks
  • Data Processing Ecosystem Overview
  • Ethical Decision-Making and Privacy
  • Key Stakeholders in Privacy Risk Management
  • Privacy Risk vs. Compliance Risk
  • Building a Privacy-Driven Culture
  • Case Study
  • Quiz

Module 2: Core Components of the Privacy Framework

  • Overview of the Privacy Framework Core
  • Identify-P Function
  • Govern-P Function
  • Control-P Function
  • Communicate-P Function
  • Protect-P Function
  • Categories and Subcategories: Structuring Privacy Activities
  • Linking Privacy to the Cybersecurity Framework
  • Granularity in Privacy Risk Management
  • The Importance of Subcategory Customization
  • Case Study
  • Quiz

Module 3: Building and Using Profiles

  • What Are Privacy Profiles?
  • Current vs. Target Profiles
  • Role of Profiles in Organizational Privacy
  • Steps to Develop a Privacy Profile
  • Prioritizing Outcomes and Activities
  • Using Profiles for Self-Assessment
  • Aligning Profiles with Business Needs
  • Comparing Multiple Profiles Across Roles
  • Integrating Profiles in Organizational Strategy
  • Profiles as a Communication Tool
  • Case Study
  • Quiz

Module 4: Implementation Tiers and Organizational Maturity

  • Overview of Implementation Tiers
  • Partial Tier: Foundational Privacy Management
  • Risk-Informed Tier: Evolving Awareness
  • Repeatable Tier: Formalized Practices
  • Adaptive Tier: Continuous Improvement
  • Criteria for Assessing Maturity Levels
  • Progression Through Tiers
  • Linking Tiers to Organizational Goals
  • Collaboration and Communication for Tiers
  • Realizing Privacy Maturity Benefits
  • Case Study
  • Quiz

Module 5: Privacy Risk Assessment and Mitigation

  • Defining Privacy Risk Factors
  • Problematic Data Actions and Their Impacts
  • Steps in Privacy Risk Assessment
  • Risk Models for Privacy Management
  • Likelihood and Impact Analysis
  • Responding to Privacy Risks
  • Risk Mitigation Strategies
  • Using Privacy Risk Assessment Methodology (PRAM)
  • Balancing Risk Tolerance and Resources
  • Implementing Risk Assessment Outcomes
  • Case Study
  • Quiz

Module 6: Governance and Accountability

  • Importance of Governance in Privacy
  • Developing Organizational Privacy Values
  • Establishing Roles and Responsibilities
  • Policies for Privacy Risk Management
  • Training and Awareness Initiatives
  • Monitoring and Reviewing Privacy Policies
  • Strengthening Cross-Functional Collaboration
  • Accountability Across Ecosystem Stakeholders
  • Embedding Privacy in Decision-Making
  • Reporting on Privacy Metrics and Progress
  • Case Study
  • Quiz

Module 7: Integrating Privacy into the System Development Lifecycle (SDLC)

  • Aligning Privacy with SDLC Phases
  • Planning for Privacy from the Start
  • Privacy in Design and Build Phases
  • Deploying Privacy-Centric Solutions
  • Operating with Privacy Safeguards
  • Decommissioning with Privacy in Mind
  • Privacy Engineering Objectives Explained
  • Predictability, Manageability, and Disassociability
  • Leveraging SDLC Artifacts for Privacy
  • Practical Integration Techniques
  • Case Study
  • Quiz

Module 8: Engaging in the Data Processing Ecosystem

  • Understanding Ecosystem Roles
  • Privacy in the Data Processing Ecosystem
  • Identifying Stakeholders and Relationships
  • Privacy Requirements Communication
  • Contracts and Governance in the Ecosystem
  • Managing Interdependencies
  • Using Interoperability Frameworks
  • Assessing Ecosystem Risk
  • Aligning Ecosystem Roles with Privacy Goals
  • Ecosystem-Wide Collaboration and Innovation
  • Case Study
  • Quiz

 

 

Share this Event

If you are interested, planning to attend, or attending this event, please share with your colleagues across your social media networks.

 

 

Instructor

Jim Wiggins

Jim Wiggins
AAISM, AAIA, AIGP, CISM, CISA, CRISC, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, FITSP-M, MCITP, MCSE: Security, MCSE: Messaging, MCSA, MCDST, Server+, Network+, A+, CDPSE, PMP, ICE-CCP, DACUM Facilitator

Jim Wiggins is a seasoned IT and cybersecurity expert with over 29 years of industry experience, 24 of which have been dedicated to information security – and, more recently, the last 3 years on artificial intelligence. He is the Founder and CEO of Securible, LLC, a Washington, DC-based cybersecurity training and consulting firm specializing in practical, forward-thinking solutions. Through Securible, Jim has championed innovative approaches to address emerging threats, ensure regulatory compliance, and harness the power of Artificial Intelligence in IT audit, cybersecurity, governance and privacy. Throughout his distinguished career, Jim has trained well over 20,000 IT and cyber professionals, underscoring his commitment to education and the advancement of the field.

In addition to his leadership at Securible, Jim also serves as the Founder and CEO of the Federal IT Security Institute (FITSI), a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides role-based cybersecurity certifications designed to fortify the U.S. federal cybersecurity workforce.

Enhancing his contributions to the cybersecurity community, Jim hosts a TV show in the Washington, DC area called Cybersecurity Today. The program offers expert insights, in-depth analysis, and the latest updates on cybersecurity trends and threats, further establishing his role as a prominent thought leader in the industry.

Recognized as a Federal 100 award recipient in 2019 and the Federal Information Systems Security Educators’ Association (FISSEA) “Educator of the Year” in 2011, Jim is widely respected for his commitment to elevating cybersecurity education.

In the rapidly evolving arena of Artificial Intelligence (AI), Jim has directly trained well over 1,000 IT and cyber professionals on generative AI fundamentals through intensive sessions with the Department of the Interior’s University, the Defense Information Systems Agency (DISA), the National Risk Management Center (NRMC) within CISA, and the Greater Washington DC Chapter of ISACA. He leverages AI-driven tools such as ChatGPT, Gemini, Dalle, Midjourney, and Copilot to translate complex concepts into practical, governance-focused applications.

Jim holds numerous certifications, including:

  • Artificial Intelligence: AAISM, AAIA, AIGP
  • Cybersecurity: CISM, CISA, CRISC, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and FITSP-M.
  • Information Technology: MCITP, MCSE: Security, MCSE: Messaging, MCSA, MCDST, Server+, Network+, A+.
  • Privacy: CDPSE, CIPP/US
  • Project Management: PMP (Project Management Professional).
  • Education: ICE-CCP (I.C.E. Certified Credentialing Professional), DACUM Facilitator

Jim is currently finalizing a master’s degree in education from George Washington University with a concentration in Assessment, Testing, and Measurement.

 

 

Questions about this Event

If you have any registration questions about this event, please contact us by completing the Registration Contact Form linked below.

Registration Questions

 

If you have CPE questions after the event has concluded, please contact us by completing the CPE contact form linked below.

CPE Questions

 

 

CPE Information

Earn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org

 

Poll Questions

Participants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.

 

CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.

 

Learning Objectives

  • Understand the foundational components and structure of the NIST Privacy Framework.
  • Gain knowledge of privacy risk management and its importance in protecting individual privacy.
  • Learn strategies for aligning privacy practices with organizational objectives and regulatory requirements.
  • Develop skills to implement the framework in real-world scenarios effectively.
  • Apply the framework through practical exercises to address privacy challenges and enhance management capabilities.

 

CPE-Related Details

  • Prerequisites: None
  • Advance Preparation: None
  • Program Knowledge Level: Basic
  • Delivery Method:  Group Internet Based
  • Field of Study:  Information Technology – Technical

Details

Venue

  • Virtual Event

Organizer

  • Clifton Persaud (Certifications Program and Special Assistance Requests)
  • Email certifications@isaca-gwdc.org