Governance and compliance: legislation in a broader perspective

Important principles of the GDPR are Accountability and Auditability. Non-compliant behavior is sanctioned with fines of material importance. This means that the GDPR does not differ from laws and regulations from non-EU countries. It is reasonable to assume that GDPR compliance will become part of governance codes. With this, the responsible party will report on the privacy policy in the management report and the results thereof in the social accountability. The accountant charged with the statutory audit will determine the risks of a sanction of material importance and determine that the annual report is correct. The measures of Administrative Organization and Internal Control (AO / IC) are interpreted in which a bridge is built to the thinking of R.W. Starreveld, the founder of AO / IC) to what is currently important in the context of data protection and privacy.

Teacher: André Biesheuvel

Content

Module B3 “Governance and Compliance” consists of two parts, namely:

• B3a – Governance and Compliance – legislation in a broader perspective
• B3b – Governance and Compliance – further elaborated

Module B3a is a part that will provide the student with insight into Governance & Compliance viewed from a broader perspective of legislation and primarily aimed at data protection and safeguarding privacy.

Important principles of the GDPR are Accountability and Auditability. Non-compliant behavior is sanctioned with fines of material importance. This means that the GDPR does not differ from laws and regulations from non-EU countries. It is reasonable to assume that GDPR compliance will become part of governance codes. With this, the person responsible will report on the privacy policy in the management report (annual report) and the results thereof in the social accountability. The auditor charged with the statutory audit will examine the risks of a material sanction and determine that the management report (annual report) is correct.

Participants in the module learn to translate the requirements of laws and regulations and their interpretation in standards (even better the Policy Framework) into the framework of Governance & Compliance, the risk management of their organization, so that compliance with the GDPR is part of the risk management system. is becoming. Participants are enabled to put the manager in control of the processing of personal data.

In this module, we work towards a governance solution, which has been elaborated in a methodology, perhaps more precisely a code of conduct, with which, through adequate administration and documentation, including evidence of effective operation, every responsible person who adheres to that code of conduct can be accountable. can demonstrate that it has become Auditable and on the basis of which it can render account to society, including those involved, regulators such as the Dutch Data Protection Authority (AP) and many others

Do you have questions or need an appointment?

Feel free to contact us at +31 (0) 70 392 22 09 or servicedesk@duthleracademy.nl. Make an appointment with one of our training advisors.