CSA CODE OF CONDUCT FOR GDPR COMPLIANCE
Enterprises around the world are looking for ways to demonstrate their compliance with Europe’s General Data Protection Regulation (GDPR). The Cloud Security Alliance (CSA) has developed a Code of Conduct designed to offer both a tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider.
The purpose of the course is to qualify the first auditors who will be able to audit companies against the requirements of the CSA Code of Conduct for GDPR Compliance certification. The instructor for this course will be ICT, privacy & data protection lawyer Dr. Paolo Balboni.
2-Day Training for Auditors
Day 1: 9.00 to 18.00
9.00-10.00: GDPR Fundamentals & CSA Code of Conduct (CoC): Objectives, Scope and Methodology
10.00-10.30: Coffee Break
10.30-12.30: CoC Controls 1 to 5 explained
1. CSP DECLARATION OF COMPLIANCE AND ACCOUNTABILITY
2. CSP RELEVANT CONTACTS AND ITS ROLE
3. WAYS IN WHICH DATA WILL BE PROCESSED
4. RECORDKEEPING
5. DATA TRANSFER
12.30-13.30: Lunch
13.30-15.30: CoC Controls 6 to 10 explained
6. DATA SECURITY MEASURES
7. MONITORING
8. PERSONAL DATA BREACH
9. DATA PORTABILITY, MIGRATION, AND TRANSFER BACK
10. RESTRICTION OF PROCESSING
15.30-16.00: Coffee break
16.00-18.00: CoC Controls 11 to 15 explained & Governance and Adherence Mechanisms
11. Data retention, restitution, and deletion
12. Cooperation with the cloud customers
13. Legally required disclosure
14. Remedies for cloud customers
15. Cloud Service Provider insurance policy
CoC Governance and Adherence Mechanisms
Day 2: 9.00 to 18.00
9.00-11.00: Case study 1
11.00-11.30: Coffee break
11.30-12.30: Feedback on the work performed on Case study 1
12.30-13.30: Lunch
13.30-15.30: Case study 2
15.30-16.00: Coffee break
16.00-18.00: Feedback on the work performed on Case study 2 and final remarks