During one of IT Governance’s GDPR (General Data Protection Regulation) training courses last year, a delegate from a well-known financial services company asked:
I’ve just come on the course to understand how the GDPR works. Why do I need to sit an exam and achieve a qualification as well?
While we’re sure the course did provide a comprehensive introduction to the GDPR, we make no apology for including an exam, and – for those who passed – awarding a GDPR qualification.
Having a detailed knowledge of the GDPR is one thing, but having a qualification on your resume that verifies this knowledge will make you stand out from the crowd.
GDPR qualifications in the US
Our GDPR Foundation and Practitioner training courses were the first qualifications of their kind available in Europe, and they’re now also available in the US.
Although the GDPR is an EU regulation, many businesses in the US are affected, as the rules apply to any organization in the world that processes EU residents’ personal data.
These courses, like our ISO 27001 training program, are the product of our continued partnership with the IBITGQ (International Board for IT Governance Qualifications).
Its qualifications are certified by gasq, which is fully certificated to the ISO/IEC 17024:2012 standard. IBITGQ also reinforces our long-held view that the most valuable IT qualifications are those awarded by independent, international, and accredited examination bodies.
Qualified professionals will be in demand
The scale of the GDPR means that qualified individuals are in high demand. This problem is especially apparent outside of Europe, because many information security experts haven’t focused on the GDPR.
Those who have studied the GDPR will be proverbial golden geese, because they are one of the few people that can help organizations meet their compliance requirements.
Such experts are generally being courted to fill organizations’ DPO (data protection officer) responsibilities.
DPOs are mandatory for organizations in the public sector and for those with ‘big data’ processing activities.
The person filling the role should be an independent data protection expert responsible for advising the organization on how to meet its GDPR requirements. Their tasks include:
- Advising staff on their data protection responsibilities
- Monitoring the organisation’s data protection policies and procedures
- Advising management on whether DPIAs (data protection impact assessments) are necessary
- Serving as the point of contact between the organisation and its supervisory authority
- Serving as a point of contact for individuals on privacy matters.
It’s a challenging role to fill, since it requires expertise the practicalities of data protection as well as the requisite knowledge of the legal aspects of the GDPR.
Organizations struggling to find someone appropriate might be better suited using our GDPR DPO as a service.
We take the hassle out of finding a DPO, acting as one on your behalf. One of our experts will complete the necessary tasks and be available whenever you need advice to help you comply with the Regulation.
Getting started with the GDPR?
Those looking to understand how the GDPR works should enrol in one of our training courses. Depending on how familiar you are with the Regulation, you might prefer either our:
Both these courses are available in online or distance learning format, so you can save the time and money traveling to a classroom.
A version of this blog was originally published on 6 March 2019.