Data Governance: The Connection Between Data Privacy and Information Security - ITG141


Each year in the United States and around the world regulations are enhanced to further protect citizens and nations from those wanting to gain from others. This course will focus on three highly relevant topics concerning corporations and individuals today: Data Governance and Data Privacy and what is needed to build a robust data management program.

The program is designed to heighten an auditor’s knowledge of Data Privacy and Data Governance and what is a part of Data Management, using common business language. During the course we will discuss some current and pending regulations and explore some of the known vulnerabilities, threats and risks facing today's enterprise or agency, and some of the more common controls used to safeguard data, regardless of its form.

By the end of our course attendees will gain a broad base understanding of data governance, data privacy and information governance as well as how to build a data management program including incorporating Data Privacy and Data Governance components into every audit engagement.

During the session we will conduct a series of activities, which will provide attendees with the “bones” of a data management program from designing data dictionaries to assessing the program controls.

Learning Objectives:

Build a repeatable and agile Privacy Program that fits the changing regulatory and criminal landscape

Build a repeatable and agile Data Governance Program that fits the changing regulatory and criminal landscape

Develop Data Privacy policies and procedures to meet company culture and regulatory requirements

Develop a Data Governance Program that meets regulatory and business requirements

Prerequisite: Introduction to Information Security (ISG101), Cybersecurity Audit School (ITG250) or equivalent experience
Advance Preparation: None
Learning Level: Basic
Delivery Method: Group-Live
Field: Auditing

What you will learn

1. The Connection between Data Governance, Privacy and Information Security

2. The Difference Between IT, Data and Information Governance

3. Data Privacy, Data Governance and Information Governance Fundamentals

4. Fundamentals of Data Management
• Data dictionary
• Data classification
• Data ownership
• Data custodianship
• Data controls

5. Common Privacy Frameworks and Principles

6. Data Privacy Regulations – US and International

7. Critical Components and Success Factors when building or assessing Data Management and Privacy Programs

8. Policy Considerations Related to Data/Information

9. Data Privacy and Data Management Assessments

10. Data Related Contract Language (SLA, MOU, SOW)

11. Common privacy and data management related vulnerabilities, threats and possible risks facing enterprises who use the Internet to:​
• Interact with Consumers, Customers, Suppliers and other Third Parties through computers and mobile devices
• Process, Transmit or Store Cardholder or other Personally Identifiable Data
• Use Social Media
• Use email, chat and Voice Over IP

12. Basic Control Suite

13. Audit Programs and Procedures
• Auditing Privacy and Data Governance
• Auditing the Data Management Program

Further information

ACI Learning
ACI Learning
4 Days
Scheduled dates
Course type:
Amsterdam, Atlanta, GA, Bandar Seri Begawan, Boston, MA, Burlington, MA, Cape Town, Charlotte, NC, Chicago, IL, Dallas, TX, Denver, CO, Dubai, Dublin, Dublin, OH, Hong Kong, Houston, TX, Las Vegas, NV, London, Manila, New York, NY, Oman, Orlando, FL, Philadelphia, PA, San Antonio, San Diego, CA, San Francisco, CA, Seattle, WA, Singapore, Virtual Training Room Only, Washington, DC

Contact Information

ACI Learning

6855 S. Havana St.
Suite 230
80112 USA