Governance and Oversight, GDPR for Data Governance

Governance and Oversight, GDPR for Data Governance

GDPR has major impacts on Governance, Risk and Compliance

The General Data Protection Regulation (GDPR) creates substantial new obligations on organisations to process and maintain information about EU citizens. It also creates a new regime of sanctions, fines and other penalties that significantly increase risk to organisations.  

GDPR is extensive in its scope covering culture, process, senior management, contracts and IT. Concepts such as "privacy by design and default" are both complex and pervasive across the organisation.

Effective governance for GDPR has to be correspondingly broad in its scope to ensure the organisation is effective in its operation, compliant in its behaviour and efficient in the maintenance of the evidence required to demonstrate compliance.

This course reviews the new regulation,describes industry best practice for governance and explains how to apply best practice to GDPR for effective governance.

This module is part of the EDMworks Data Management Agenda for Privacy

Completion of the course will enable delegate to:

- Describe key characteristics of GDPR

- Describe key impacts of GDPR on organisations

- Describe key risks organisations face as a result of GDPR

- Explain the characteristics, impacts and risks within the broader context of organisations management of personal data

- Describe best practice data governance models including:

    - Policies and standards

    - Governance process and organisation structure

    - Essential data architecture and design components

    - Senior management accountability and ownership models

    - Data quality management and remediation

    - Data dictionary and data mapping

The course is structured into the following components:

One eLearning course segmented into three modules. The contents of the three modules are described in Course Contents.

Each module consists of:

- A one day seminar/workshop, highly interactive with case study exercises and feedback

- An eLearning self-paced module on the General Data Protection Regulation

- An eLearning module on BCBS 239, Risk data management regulation and governance practices

Duration and timing

The workshop is a full day from 9-5pm.

Each eLearning module has an approximate duration of 1 hour.

On-line certification

This course contains an on-line certifications for the eLearning components.

Delegates can take the test at any time. One resit is allowed.

The test consists of multiple choice, matching pair and true/false questions. Test questions are randomised.

The test should take approximately 15 minutes. There is a time limit of 30 minutes.

The delegate must answer all questions correctly.


There are self-assessments in each module that you can take as many times as you like.

This is confidential and does not form part of your test score.

On successful completion, a certificate is issued and an on-line record of achievement is maintained

Global availability

The course modules and certification test are globally available without restriction.

They can be accessed 24/7.


The cost of the course for one delegate is GBP 650 includes the workshop and two eLearning courses (approx value GBP 200.00) (plus VAT where applicable).


When making payment you will be presented with several different PayPal options. Please choose the right one for you. If you have any queries, please contact us at


If you would like to pay against an invoice then please email us with Purchase Order details at

Corporate Rates

If you are interested in making a bulk corporate order, please email for more information.

This provides the delegate with:

- The eLearning Courses

- Recognised certificates

- Access to the workshop

Course Contents

Key characteristics and impacts of GDPR

- Background to GDPR

- New business processes required

- Privacy by design and default

- Consent

- Third parties

- The evidence required for compliance

- Summary of risks posed by GDPR

Best practice data governance models

- Evolution of data governance models

- Lessons learned from other regulations requiring governance

- Current best practice in data governance and examples of implementation

- Integrating third parties into your governance framework

- Organisation structure for effective governance

Culture and values

- The importance of culture and values for privacy and protection

- How to build a culture for effective privacy

- Training and development

Data Management Policies and Standards

- Scope of policies

- Interaction with other policies (e.g. security, records management)

- Key content of effective policies

Accountability and ownership for data

- The role of senior management in owning data

- Best practices ownership models

- Pros and cons of alternative approaches

Data architecture and design components

- Designing and implementing privacy by design and default

- Data architecture process, control and audit

- Interaction between architecture, governance and audit

Data quality management

- The importance of 'fit for purpose data'

- Trusted Sources for key data sets

- Data quality process and controls

- Integration of data quality with governance and control

Data flows, lineage and definition - essential evidence

- Explanation of practical lineage/flow mapping

- Practical limitation on mapping and versioning

- Best practice lineage and dictionary management

Last modified: Monday, 26 September 2016, 2:08 PM