£1,995.00 £1,595.00 excl. vat

This 4-day GDPR Foundation & Practitioner training course provides a detailed introduction to the EU GDPR, and a full overview regarding how to plan and implement a continuous compliance programme. It enables delegates to fulfil the knowledge requirements of a Data Protection Officer (DPO) – a position that will become a legal requirement in EU Organisations with a central data storage and processing function, in May 2018. The GDPR Foundation & Practitioner course consists of the EU GDPR Foundation (two days) and GDPR Practitioner (two days) training courses.

GDPR Foundation & Practitioner Course (DPO) – 4 days

The EU General Data Protection Regulation (GDPR) is a new directive that will provide a singular data protection law for the European Union – creating a reference and basis upon which security platforms can be initiated, to prevent the loss of personally identifiable information as a consequence of security breaches. The GDPR will enforce stringent data protection requirements for all organisations that possess or process personally identifiable information, and/or monitor the behaviour of EU citizens. Noncompliance with the new directive, will result in organisations facing substantial and financially catastrophic fines of up to 4% of their global turnover or €20 million, or 2% and €10 million depending on the severity of the offence. Therefore, it is essential for this implementing changes in their organisation to take this all-inclusive GDPR Foundation & Practitioner course.

The GDPR replaces the Data Protection Act, to ensure that data protection laws are up to date with the “internet age” and are responsive to the ever-elevating threat of security breaches and cyber-attacks. Coming into effect on May 25th 2018, the directive is prescriptive and will help to reassure European citizens that their personal data is safe – enhancing their confidence and interaction with online services. The regulation puts the security of EU citizens at the forefront of all processing activities – including granting individuals new legal rights concerning access and data erasure, and holding organisations accountable for any obligations that they fail to adhere to. The Government has confirmed that the GDPR will come into effect regardless of the Brexit referendum result, hence organisations must ensure that they are fully compliant prior to the regulation’s instigation.

The Role of a Data Protection Officer (DPO)

show more

Our GDPR Foundation & Practitioner training course will guide you through the actions and responsibilities of a Data Protection Officer so you can be fully prepared for the new obligations expected within the newly defined role. The newly qualified GDPR DPO can be a current staff member or a contractor, however, the role must be designated on the basis of professional qualities, and expert knowledge of data protection laws. DPOs must adhere to the GDPR requirements, as listed in Article 39:

  • Inform and advise the controller or the processor and the employees who are processing personal data of their obligations pursuant to this Regulation
  • Monitor compliance with this Regulation, including the assignment of responsibilities, awareness-raising, and training of staff involved in the processing operations, and the related audits
  • Provide advice where requested with regard to the data protection impact assessment and monitor its performance pursuant to Article 35
  • Cooperate with the supervisory authority (the ICO)
  • Act as the contact point for the supervisory authority on issues related to the processing of personal data

Course Content

GDPR Foundation
This 2-day General Data Protection Regulation (GDPR) Foundation course provides a complete introduction to the EU GDPR and an overview of the key implementation and compliance activities.

  • Introduction to the GDPR
  • Key GDPR terminology
  • An introduction to the GDPR’s structure – the legal articles and recitals
  • Main differences between the Data Protection Act and the EU GDPR
  • Principles of the GDPR
  • Key roles and features of the GDPR
  • The rights of Data subjects
  • Lawful processing of personal data
  • Subject access requests and how to deal with them
  • Complying with the EU GDPR
  • Privacy by design
  • Binding Corporate Rules
  • Data protection impact assessments (DPIA)
  • Breach reporting and responses
  • The role of the DPO

GDPR Practitioner
The 2-day General Data Protection Regulation (GDPR) Practitioner course enables delegates to fulfil the role of data protection officer (DPO) under the EU GDPR, and covers the Regulation in depth. This includes implementation requirements, the necessary policies and processes, in addition to acquiring knowledge concerning important elements of effective data security management. This GDPR Practitioner course covers the following topics:

  • Demonstrating compliance with the GDPR
  • Planning for compliance – privacy compliance frameworks and gap analysis
  • Legal requirements of the GDPR
  • Lawful Processing – rights and consent
  • Data Processing for Marketing purposes
  • Subject Access Requests
  • Common data security failures, consequences, and lessons to be learnt
  • Privacy principles in the GDPR
  • Data Protection Impact Assessments
  • Personal Information Management Systems (PIMS)
  • Data Breach reporting requirements
  • Dealing with third parties and data in the Cloud
  • International transfers & the EU-US Privacy Shield
  • Practical Implications of GDPR
  • Notification Obligations
  • Protecting personally identifiable information
  • Penalties for non-compliance
  • The rights of data subjects
  • Data controllers and processors – roles and responsibilities


This GDPR Foundation & Practitioner course is intended for:

  • Information Security Professionals
  • Compliance Officers
  • Data Protection Officers
  • Risk Managers
  • Privacy Managers
  • IT Security Professionals


There are no pre-set formal qualifications required prior to sitting GDPR Foundation & Practitioner Course – it is designed for individuals looking to enhance their knowledge of GDPR and implement a compliance programme within their business.

Exam Details

The GDPR Foundation exam tests a candidate’s knowledge of the principles of GDPR, subject rights, and the underpinning background of the GDPR. The exam consists of:

  • 45 Multiple Choice Questions
  • 60 Minutes
  • A 65% Pass Mark is required to gain the GDPR certification
  • Closed Book

The GDPR Practitioner exam assesses a candidate’s knowledge of compliance mechanisms, cloud and third-party processing, the implications of the GDPR, Data Protection Impact Assessments, security breaches, and the expectations the GDPR roles. The exam consists of:

  • 30 Multiple Choice Questions
  • 10 Scenario-based Questions
  • 90 Minutes
  • 55% Pass Mark required to gain the GDPR certification
  • Open Book

show less


North London Business Park
Oakleigh Rd S
New Southgate
N11 1NP

North London Business Park

Directions from Arnos Grove Tube (Piccadily):

Walking directions 

  1. Walk west on Bowes Rd/A1110 towards Palmers Rd (0.3 mi)
  2. At the roundabout, take the 1st exit onto Waterfall Rd/A1003
  3. Turn left to stay on Waterfall Rd/A1003
  4. Turn right onto Brunswick Park Rd
  5. Go through 1 roundabout
  6. Turn left
  7. Go through 1 roundabout
  8. Turn left
  9. Destination will be on the left


  1. Walk to Arnos Grove Bus Stop A
  2. Take Bus 34 heading to Barnet Church
  3. Get off on the 5th stop at Beaconsfield Road (Stop BJ)
  4. Walk east on Oakleigh Rd N/A109 towards Brunswick Ave

Directions from New Southgate Railway Station

Walking directions

  1. Walk north-east
  2. Turn left towards Station Rd/A109
  3. Turn left onto Station Rd/A109
  4. Turn right onto Friern Barnet Rd/A1003/A109
  5. Slight left to stay on Friern Barnet Rd/A1003/A109
  6. Continue to follow A1003
  7. Go through 1 roundabout
  8. Turn left onto Brunswick Park Rd
  9. Go through 1 roundabout
  10. Turn left
  11. Go through 1 roundabout
  12. Turn left
  13. Destination will be on the left