Assessment of the data processor's compliance with the GDPR regulations

Professionally prepared training on key issues related to conducting processor audits, which will equip participants with the skills to plan and execute the entire audit process.

About the training

An effective training for individuals looking to expand their knowledge in the field of personal data security and processor audits.

The training is conducted in the form of lectures and workshops, ensuring the effective application of new knowledge and skills to practical actions. We focus not only on providing theoretical knowledge but, most importantly, on delivering effective, practical methods and techniques, as well as valuable experiences and best practices. The training is one day long, and participants will receive a certificate of attendance upon completion. During the training, key issues related to conducting processor audits will be discussed. The materials and exercises carried out during the training will prepare participants to plan and execute the entire processor audit process.

Training objective

  • The objective of the training is to acquire knowledge and competencies in the substantive and practical preparation of participants for conducting processor audits.
  • Discussing the need for control over processors.
  • Gaining practical tips on how to audit a processor.
  • Identifying and discussing the legal foundations for conducting a processor audit.
  • Improving skills in the practical application of processor audit procedures.
  • Familiarizing with a wide range of post-audit actions.
  • Discussing the data controller’s rights after identifying significant deficiencies during the processor audit.
  • Discussing methods for selecting processors.
  • Adapting audit checklists to the audited entities.
  • The ability to apply measures appropriate to the irregularities revealed during the audit regarding personal data protection.
  • Familiarizing with the principles and rules that facilitate cooperation with the audited entity.

Training recipients

The training is aimed at individuals responsible for information security in their organizations, who wish to adapt processes and security measures to the requirements of the GDPR, as well as current and future Data Protection Officers, internal auditors, and anyone interested in the topic of processor audits based on the currently applicable regulations.

Language of the training

The training is conducted in Polish.

It is also possible to organize the training  in English.

Training methodology

  • Achieving the proper training outcomes is possible thanks to selecting both the right topics and methods tailored to the specific needs of the participants and the issues covered in the training. Below are the methods and techniques we employ:
  • LECTURE
    We provide knowledge to participants based on dedicated teaching materials, such as multimedia presentations. This is the foundational part of the training, during which we introduce the topic, discuss key concepts, describe roles, processes, procedures, etc.
  • PRACTICAL EXAMPLES
    As practitioners, we base our training program on real-life events presented for a specific problem. We help participants reach conclusions or solutions independently. Our training is highly focused on practice and the development of participants’ skills.
  • DISCUSSION
    Participants express their opinions and share experiences. A well-structured discussion topic, due to the clash of at least two viewpoints, usually triggers strong emotional engagement. The discussion enables the development of a common solution or prepares arguments on a specific topic.
  • BRAINSTORMING
    In a short time, we generate many ideas and solutions for specific problems and situations. We engage participants, stimulate thinking, and foster creativity.
  • EXERCISES
    Practical tasks related to the subject of the training, such as creating a process or conducting a case study. This effectively complements the lecture and practical examples.
  • TESTS
    We verify the participant’s level of knowledge and skills. We identify competency gaps and plan the educational process accordingly to enhance the participant’s skills. Depending on the nature of the training, this can be done using various tools, such as knowledge tests and performance assessments.
  • SIMULATIONS
    They provide an excellent sample of reality in which participants actively engage and experience the consequences of their actions.
  • SUMMARY
    After completing each topic, we summarize the discussed material. This is done by the trainer and allows participants to recall the most important issues related to the topic while providing them with the opportunity to verify their understanding of the material.

Trainer

The training is conducted by one of our trainers:

Weronika Stachowiak
A graduate of Geology at Adam Mickiewicz University in Poznań and Business Management with a specialization in risk analysis in projects at the Poznań School of Banking. In her many years of professional practice, she has provided advisory, analytical, and training services in the field of personal data protection and database management. She has extensive experience working with public municipal and educational institutions, as well as with specialized companies in the financial sector. At PBSG, she serves as a Consultant in the area of personal data protection, information security, and risk management.

Katarzyna Żuk
A graduate of the Faculty of Law at Adam Mickiewicz University in Poznań. She has over 10 years of experience in the commercial sector. She has provided advisory services in the ongoing operations of companies in civil and commercial matters. From a scientific perspective, she is interested in practical logic. She has completed numerous training courses in the creation, application, and theory of law, which she passionately applies in practice. At PBSG, she is responsible for supporting projects related to information security and personal data protection, as well as analyzing related documents.

Offline training

Training program

Day 1
9:00 - 16:00

  • Welcome participants
  • GDPR Processor Audit – Introduction and Basic Concepts
  • Audit Specification
  • Legal Status and Responsibilities of Entities Responsible for Personal Data Security
  • Analysis of the Benefits and Challenges of Conducting an Audit
  • Methodology and Principles for Conducting an Audit
  • Lunch Break
  • Who to Audit? Selection of the Processor
  • Tips for Auditing the Processor
  • Verification of Documentation
  • Response to Violations and Irregularities in Personal Data Protection
  • Post-Audit Actions in Practice
  • Questions and Discussion

Training price

Price per participant: 1200.00 PLN net

Conditions of participation

Price

The price of the training covers the service of the right to participate in a one-day training session for one participant. It includes training materials, a certificate, coffee breaks, and lunch during the training. The price does not include accommodation.

Payment will be made based on a correctly issued VAT invoice within 14 days from the date of receipt of the invoice, to the bank account of the organizer indicated on the invoice.

Conditions

The acceptance of the registration will be confirmed by email to the address provided in the registration form.

The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the fee paid for the course. Written withdrawal of registration no later than 10 business days before the start of the training will incur a fee of 30% of the course price. A written cancellation made less than 10 business days before the start of the training will incur a fee of 100% of the course price.

The price of the training listed in the training schedules is net, and should be increased by the applicable VAT rate.

The person/organization registering a participant for the training hereby authorizes, by expressing consent, the processing of personal data provided by PBSG SA, located in Poznań at Szyperska 14, for the purposes of order fulfillment.

Certificates

Training participation certificates will be sent to participants after meeting the conditions of at least 70% correct answers during the knowledge check test and payment settlement.

To participate in the training, you must fill out the registration form.

Submitting a registration indicates acceptance of the participation conditions and consent to the processing of personal data of the registered participants by PBSG SA for the purposes of order fulfillment, as well as promotion and marketing activities conducted by PBSG SA.

Organizational Information

  • Quality of Training

The training is conducted in accordance with the Training Service Quality Standards Handbook.

Registration for On-Site Training

Fill out this form if you want to participate in an Open On-Site Training. If you’re interested in online participation, register here: Online Training Registration Form.

We can also organize a closed training tailored to your specific request: send an inquiry and receive a quote.

Submitting the registration means acceptance of the terms and conditions of participation.

Online training

Training program

Day 1
9:00 - 16:00

  • Welcome to participants
  • GDPR Processor Audit – Introduction and Basic Concepts
  • Audit Specification
  • Legal Status and Responsibilities of Entities Responsible for Personal Data Security
  • Analysis of the Benefits and Challenges of Conducting an Audit
  • Methodology and Principles for Conducting an Audit
  • Lunch Break
  • Who to Audit? Selection of the Processor
  • Tips for Auditing the Processor
  • Verification of Documentation
  • Response to Violations and Irregularities in Personal Data Protection
  • Post-Audit Actions in Practice
  • Questions and Discussion

Training price

Price per participant: 700.00 PLN net

Conditions of participation

Price

The price of the training refers to the service of granting one participant the right to attend a one-day training session.

The price includes training materials and a certificate.

Payment should be made based on the correctly issued VAT invoice, within 14 days from the invoice receipt date, to the bank account of the organizer indicated on the invoice.

Conditions

Acceptance of the application is confirmed by email to the address provided in the registration form.

The organizer reserves the right to cancel the course. In the event of a course cancellation by the organizer, participants will receive a full refund of the fee paid for the course. Written cancellation of participation at least 10 business days before the start date of the training will result in a 30% charge of the training price. A written cancellation submitted less than 10 business days before the start of the training will result in a 100% charge of the training price.

The training price listed in the training schedules is a net price, which must be increased by the current VAT rate.

By submitting the application, the individual/organization authorizes PBSG SA, located at Szyperska 14, Poznań, to process the personal data provided for the purpose of order fulfillment.

Certificate

Certificates of participation will be sent to participants after meeting the conditions of at least 70% correct answers on the knowledge test and settling the payment.

To participate in the training, you need to fill out the registration form.

Submitting the application means acceptance of the terms of participation and consent for PBSG SA to process the personal data of the registered participants for the purposes of order fulfillment as well as promotion and marketing activities carried out by PBSG SA.

Organizational information

  • Organizational Information
  • Participants of the online training will be granted access to the training platform. On the day of the training, you will need to log in to the platform. The training will begin at the designated time. During the training, you will see the screen divided into three sections: presentation, trainer, and chat. Communication during the training will take place via the chat.
  • Technical Requirements:
  • Hardware Requirements: A computer with internet access, processor minimum 1.6 GHz, RAM minimum 4GB
  • Browser: The latest version of Chrome, Mozilla Firefox, or Safari.
  • Quality of Training
  • The training is conducted in accordance with the Training Services Quality Standards Handbook.

Registration for Online Training

Fill out this form if you want to participate in an online training. If you’re interested in on-site training, register here: Offline Training Registration Form.

We also offer closed training tailored to your specific needs: send an inquiry and receive a quote.

Submitting the registration means acceptance of the terms and conditions of participation.

Internal training

Dedicated exclusively to your organization – this approach guarantees comfort and flexibility to thoroughly discuss specific issues and situations within your organization. We understand that every business is different, so to effectively translate the acquired knowledge into your organizational context, we tailor the examples presented to your specific needs and business situation.

Training program

Day 1
9:00 - 16:00

  • Welcome to the participants
  • GDPR Processor Audit – Introduction and Basic Concepts
  • Audit Specification
  • Legal status and tasks of entities responsible for personal data security
  • Analysis of benefits and difficulties of conducting the audit
  • Method and rules for conducting the audit
  • Lunch break
  • Who should be audited? Selecting the processor
  • Tips for auditing the processor
  • Documentation verification
  • Response to breaches and irregularities in personal data protection
  • Post-audit activities in practice
  • Questions and discussion

How does it work?

Step 1

APPLICATION

In the first step, fill out the registration form to let us know about your interest in organizing a dedicated training for your company.

Step 2

DATE

We will set the date and location of the training – we will adapt to your availability and individual expectations.

Step 3

PRICE

We will present the terms and conditions for organizing the training based on the agreed parameters and the number of participants.

Step 4

TRAINING

We will deliver the customized training according to the agreed terms.

Please ask for a quote for an internal training session.

Check the program of other trainings

Training

NIS2 training for boards of directors

Learn more
Training

DORA: Fundamentals, Risk Management, and Organizational Preparation

Learn more
Training

Training on the requirements of the NIS2 Directive

Learn more

What do we do?

Information security

We help protect the key informational assets of your organization.

Check here

IT Security

We will enhance the resilience of your network and infrastructure against cyberattacks.

Check here

Personal data security

We enhance the level of personal data protection in your organization.

Check here

Cybersecurity

We conduct a threat assessment for your organization and help create a personalized cybersecurity plan.

Check here

Management control

We assist public entities in formulating goals, tasks, and conducting risk analysis.

Check here

Risk management

We offer comprehensive services in designing and implementing risk management systems.

Check here

Business continuity management

We will strengthen your organization’s resilience and prepare you for managing crisis situations and business continuity.

Check here

IT services management

We will build a set of principles and practices for delivering your IT services to end users.

Check here

erisk

Comprehensive risk management software. An efficient way to manage risk without spreadsheets.

Check here