Developing the community of Data Auditors

FDPPI welcomes the circular of CERT In to the empanelled auditors recommending the FDPPI’s three day program scheduled to be held at Bengaluru on September 27, 28 and 29 for C.DPO.DA. Certification.

It may be observed that FDPPI’s approach is to develop “Certified Data Protection Officer and Data Auditor” through this program. Most of the training organizations stop at discussing the requirements of a DPO who has the responsibility to guide implementation of “Compliance By Design” in an organization.

However, FDPPI considers that DPDPA envisages a definitive role for independent “Data Auditors” who will conduct periodical (annual) audits of organizations regarding the compliance of the Act. FDPPI believes that this is a statutory recognition for auditors who would be conducting “DPDPA Compliance Audit” .

FDPPI has therefore placed an equal emphasis on “Data Audit” in its C.DPO.DA. program which makes it globally unique. While in future we may split the program into two parts with the “Lead Implementer” and “Lead Auditor” roles being considered separate, at present both these are combined in the C.DPO.DA. program which makes it unique.

Accordingly, the curriculum of the program covers

The real impact of this program on the professionals and the organizations in which they work will be enormous.

a) The legal basis for Data Protection in the form of nuances of DPDPA 2023 along with ITA 2000, CPA 2019 and also international laws such as GDPR.

b) Implementation challenges for “Compliance by Design” with Technical and Organizational controls including the technical challenges of

-Data Discovery, Data Classification, Data Storage, Data Access, Consent Management, Management of Rights of Data Principals, Minor’s Data Management, Data Breach Management, Data Retention Management, Data Confidentiality, Integrity and Availability Management, Grievance Redressal management, Management of Consent Managers, Data Pseudonymization, etc.,

c) Governance Challenges related to how the risks can be assessed and managed including Data Valuation and using Cyber Insurance.

d) Conducting an Audit of how an organization has complied with the DPDPA 2023 requirements in a technical environment with a focus on how to look for evidence gathering and validation.

FDPPI’s Certification C.DPO.DA. is a crown jewel which would be available only for those who successfully complete the examination.

All persons who attend the program are given one free attempt at the examination. Examination would be online for a duration of 2 hours. If they opt out of the examination, they will get a “Participation Certificate”.

If they appear for the exam and cross the first cut-off point, they will be eligible for “C.DPO.DA-L1 (Foundation Level)” Certificate. If they cross the second cut-off point, they will be eligible for “C.DPO.DA.-L2 (Implementation Level) Certificate”. If they are able to cross the third cut-off point they will be eligible for C.DPO.DA.-L3 (Expert Auditor Level) certification.

Appropriate reading material would be provided both online and offline. Discussions will include lectures and Case study discussions.

It is our desire that we want to make the Program an elevating experience for all the participants.

Look forward to meeting you…

Naavi

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.