Enterprises around the world are looking for ways to show their compliance to Europe’s General Data Protection Regulation (GDPR). The Cloud Security Alliance (CSA) has developed a Code of Conduct designed to offer both a tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider.
The purpose of this 2-day course is to qualify the first auditors that would be able to audit companies against the requirements of the CSA Code of Conduct for GDPR compliance Certification. The course will cover the following areas:
GDPR Fundamentals & CSA CoC: Objectives, Scope and Methodology
CoC Controls 1-5: CSP declaration of compliance & accountability, CSP relevant contacts, ways in which data will be processed, recordkeeping and data transfer.
CoC Controls 6-10: data security, monitoring, personal data breach, data portability & migration, and restriction of processing.
CoC Controls 11-15: data retention/restitution/deletion, cooperation with the cloud customers, legally required disclosure, remedy for cloud customers and CSP insurance policy.
CoC Governance and Adherence Mechanisms
I will be teaching the course which will take place in the UP Building, Piet Heinkade 55, 1019 GM, Amsterdam