The Institute of Internal Auditors Indianapolis Chapter is providing a 4 HOUR CPE course to get you ready to mitigate risks associated with Data Privacy. Take advantage of a training in Downtown Indianapolis related to a HOT TOPIC that is becoming more relevant as information technology continues to evolve. Everyone of us is impacted by data privacy concerns whether its keeping our personal, employer, or customer information safe. This is a great value for the quality of CPE!  Stay tuned for more details about the contents of this course.

Speaker Bio – DANIEL FRANK

Daniel Frank’s professional experience includes over 14 years in Information Technology, specializing in privacy and data protection, information security management, and identity management.  Mr. Frank excels at privacy and data protection program development and management.  He has helped numerous clients with various aspects of their privacy and data protection programs from requirements definition, data flow analysis, risk assessment, and strategy development through program development and implementation such as policies, procedures, notices and guidelines, opt-out programs, business process controls, incident response plans, training and awareness programs, metrics, monitoring, and reporting dashboards, and organizational models.  Mr. Frank has international experience in Canada as well as Europe and has built privacy and data protection programs to meet a variety of industry and country specific legal and regulatory requirements.  He is a Certified Information Privacy Professional and Certified Information Systems Security Professional, and has spoken at conferences for the IIA, ISACA, and IAPP.

Course Description

This CPE course will focus on how to integrate privacy into your internal audit program. During this course, we will begin by providing an overview of privacy and data protection, including how personal information and privacy are defined, cultural differences as it relates to privacy, market drivers for privacy, global privacy laws, regulations, standards and associated requirements, data movement challenges, compliance and breach risks and potential impacts, and components of holistic privacy programs. We will then discuss types of privacy internal audits as well as some key steps to privacy internal audits, such as requirements and control framework definition, asset inventory and risk ranking, data flow analysis and risk assessment, and remediation planning. We will also discuss the importance of establishing a repeatable and sustainable privacy internal audit process and integrating internal audit in your organizations overall privacy program.