Towards Becoming a Data Auditor in India
At present there is a large section of professionals in India with expertise to conduct audits for Information Security and some of them are also engaged as “Auditors of CERT In Empanelled organizations”. The “Auditors of CERT In Empanelled organizations” were expected to be a hybrid type of auditors who were capable of assessing the Information System Controls from the perspective of compliance to the ITA 2000 provisions which was the law of the land. This required a “Techno Legal Understanding” that not all IS auditors could manage successfully.
With the need to now understand DPDPA 2023, the role of Techno Legal Auditors in India has undergone a further change and there is an urgent need to upgrade the expertise of “Technically qualified Information Security Auditors to understand the need to conduct audits with the Legal perspective”.
This transformation from Technical Information Security Audit to Techno Legal DPDPA audit is the need of the day and is being addressed by FDPPI though its C.DPO.DA. (Certified Data
Protection Officer and Data Auditor) Course.
In order to expand the reach of such course, FDPPI is conducting a three-day offline program exclusively designed for Information Security experts including “Auditors of CERT In Empanelled organizations”.
The first of such program will be held in Bengaluru, on 27th ,28th & 29th September 2024.
Venue:
Viveka Auditorium Yuvapatha,
#4, 31st Cross Rd, 4th T Block East, 4th Block, Jayanagar, Bengaluru, Karnataka 560011
Contact: fdppi4privacy@gmail.com
Payment for Registration can be made here:
Kindly note that all participants would be eligible for Participation Certificate with 18 hours CPE. The participants are also eligible for attending the online examination within October 15 and obtain the full certificate C.DPO.DA.
The normal fee of Rs 10000/- for examination is waived for the participants for one appearance within 15th October 2024. One year individual membership worth Rs 10000/- is also free.
The program would be lead by Naavi and would include several case study discussions and practical issues in the implementation of DPDPA Act and upcoming rules.
The program would also discuss the details of India based frameworks such as the Cyber Security Framework of CERT In and BIS standard (draft) for Data Governance and Data Protection. It may be noted that at present there is no other similar program in India with a focus on Indian requirements of data protection, particularly to the depth to which this program goes in.
Appropriate reading material would be provided during the program for the participants including a copy of the book “Guardians of Privacy…by Naavi”
This program will further strengthen the approach of FDPPI to develop an indigenous approach to the compliance of DPDPA using DGPSI along with CSF of CERT-In for information security of applicable personal information.
Price with GST
(For the Bengaluru Program only)
| Type | Discounted Price | GST | Total |
| Cert In Auditors | 32000/- | 5760/- | 37760/- |
| Early Bird(till 15th September 2024) | 34000/- | 6120/- | 40120/- |
| Full price | 40000/- | 7200/- | 47200/- |
The program is designed for “Auditors of CERT In Empanelled organizations” and the capacity is a maximum 25 numbers. A few Auditors who are not “Auditors of CERT In Empanelled organizations” are being accommodated on specific request.
Posted in Uncategorized
Leave a comment
PM Modi calls for Indigenous Standards… DGPSI is one such in the Data Protection domain
One of the notable mentions made by Prime Minister Mr Modi during the Independence Day Speech yesterday was a call for development of Indigenous standards.
This was heartening since FDPPI has been working on the indigenous standard DGPSI (Data Governance and Protection Standard of India) which is meant as a framework for organizations to be compliant with DPDPA 2023.
Currently many organizations and professionals work around available but incompatible frameworks such as ISO 27001 and 27701 and claim that they are able to achieve compliance of DPDPA 2023.
This view arises both from the point that the companies know these frameworks, worked with them and are familiar. The fear of the unknown and “Resistance to Change” prevents them from even considering an alternative solution. Often they find excuse in the fact that their customers ask them if they are ISO 27001 compliant or GDPR Compliant and therefore they have no choice.
Choices can be considered only if there is a conviction that frameworks like ISO 27001 or 27701 were created for different contexts and though they may be best suited for those contexts, they need not be so for he Indian context.
For Example we have repeatedly drawn comparison to Cricket and pointed out that Gavaskar is a legend but today for the T 20 matches he is not the right choice ahead of say Suryakumar Yadav. Mr Neeraj Chopra may be the best Javelin Thrower in India but you cannot ask him to compete in discuss throw or shotput.
Once companies shed their resistance to look at the new frameworks, they need to understand what the framework suggests and arrive at their own conclusions about whether a customized ISO 27701 is a solution for DPDPA 2023 compliance or DGPSI is a better solution.
We must also accept that “Frameworks” are only guidelines and just because we follow a framework it does not mean that we are perfect in compliance. We all know how many companies in India are ISO 27001 compliant and whether they have the necessary security infrastructure. Implementation is therefore extremely important and this comes only with the understanding of the law of DPDPA 2023.
FDPPI in its One day workshops on “Implementation Challenges in DPDPA 2023” of the type being conducted in Navi Mumbai on August 31 and in Mumbai on September 1 addresses these requirements.
We invite all professionals in Mumbai and Pune to take advantage of this program and attend the same.
Naavi
Posted in Uncategorized
Leave a comment
Comments Submitted to MeitY
Based on the discussions had in the event of July 27 at Bengaluru and taking into account the written comments submitted by participants, FDPPI has collated the views and submitted a report to MeitY.
FDPPI has not yet formed the sector wise SIGs and formulated the recommendations on sector basis.
We will await the next version of the rules to be released by MeitY for further action in this regard.
A Copy of the report submitted is available in the library link in the menu.
Posted in Uncategorized
Leave a comment
Event on DPDPA Rules on July 27 2024
FDPPI and Naavi thanks all the physical and virtual participants of the event held yesterday at Bangalore. Special thanks to the panellists for sharing their valuable views. It was a hybrid event with the physical event happening at Suchitra Auditorium, Bengaluru.
Chief Additional Metropolitan Magistrate Sri C.K. Veeresh Kumar inaugurated the event and shared important suggestions for the effective functioning of the Dispute Resolution Mechanism under DPDPA/ITA 2000. Professor N K Goyal and Mr Rakesh Maheshwari (former Senior Director of MeitY) participated in the inaugural session (virtually).
Sri Rakesh Maheshwari gave a brief overview of the DPPDA Act and the proposed rules.
Naavi anchored the five panel discussions posing nearly 100 different questions to highlight the concerns related to the implementation of the proposed rules and the industry experts a few of whom participated virtually shared their views. In the process important insights have been gathered and are being collated.
All the participants have also been requested to present their views on the presently available rules and the suggestions will be collated and submitted to the MeitY.
Naavi
 |  |
 |  |
 |  |
 |  |
 |  |
 | |
Posted in Uncategorized
Leave a comment
DPDPA Rules: Collating the Industry Voice
Those registered participants who have not received invitation for the curtain raiser event today may kindly send an email…Naavi
REGISTER HERE
https://www.iletsolutions.com/fdppi_conference
FDPPI will be conducting a day long deliberations with the industry on July 27 to discuss the DPDPA Rules as published for Public consultation and collate the views for submission to MeitY.
The tentative program is as follows.
Participation is by registration and physical participation is limited. Registration can be made here:
https://www.iletsolutions.com/fdppi_conference
Feedback survey forms will be distributed at the venue to the registered participants and later by email to the online participants. This will be collated for submission to MeitY.
All Registered participants will be provided a full rebate of their delegate fee from the C.DPO.DA. program in the next one month by iLet Solutions and a discount of Rs 499/- by the publishers of the book “Privacy Guardians…”
For more information and Registration
Posted in Uncategorized
Leave a comment
DPDPA Rules: Collating the Industry Voice
The much awaited DPDPA rules is expected to be announced within the next two weeks. The published rules will be draft rules for public consultation.
In anticipation, FDPPI is organizing a full day event at Bangalore on July 27 to disseminate information on the rules and to collate the feedback from industries such as Fintech, Health Care, Digital Marketing, Education, Start Ups, MSMEs, Manufacturing industries etc.
A Draft set of Rules has so far been released by MeitY. It will be available here in a few days so that industry can formulate their thoughts to discuss on July 27.
The Venue of the Conference is Suchitra Film Society Auditorium at : 36, 9th Main, B V Karanth Road, 9th Main Road, near Post Office, Banashankari Stage II, Banashankari, Bengaluru, Karnataka 560070.
The tentative program includes discussions in multiple panels as follows:
- Panel 1: FDPPI: Introducing the observations of FDPPI
- Panel 2: Health Sector: Impact of DPDPA Rules on Health Sector
- Panel 3:Fintech: Impact of DPDPA Rules on Fintech Sector
- Panel 4: Education: Impact of DPDPA Rules on Education Sector
- Panel 5: Other Industries: Impact of DPDPA Rules on Digital marketing and Manufacturing Sector
The program is a hybrid program with speakers joining from all over India. The feedback received from the industry will be briefly discussed and collated for subsequent submission to MeitY.
Participation is by registration and physical participation is limited. Registration can be made here:
https://www.iletsolutions.com/fdppi_conference
Partners:
 |  |  |
Earlier Articles:
Posted in Uncategorized
Leave a comment
