Fall 2023 CDPSE Two day exam review class (Live Webinar)

Starts:  Oct 22, 2023 09:00 (ET)
Ends:  Oct 29, 2023 17:00 (ET)
Associated with  New York Metropolitan Chapter

The final day of class registration will be closed on Oct 16th, 2023 at 8 pm. No exceptions are made.
Due to COVID-19, this event will be online only.
" Please register for this class using the private email address (gmail, yahoo, aol, hotmail address) and not your organizations's email address.
Many organizations block emails with attachments and block webex links"

The CDPSE Exam Review Class is offered in live global webinar format.

Dates and Times: All times are New York time (Eastern Standard Time). Please click here to here time and date in your location. 
Sunday, Oct 22th, 2023 9:00AM-5:00PM EST
Sunday, Oct 29th, 2023 9:00AM - 5:00PM EST

Privacy risk management can be from an organizational policies perspective or regulatory compliance perspective. In the USA, the financial services industry has its privacy requirements enumerated in Graham Leach Bliley Act  (GLBA). The Healthcare industry has its privacy requirements in Health  Insurance Portability and Accountability Act (HIPAA) and later in  HITECH. There are also other institutions governed by privacy acts such as FERPA for educational institutions. Regulatory requirements is the primary driving force for privacy implementations. These days, almost every organization has a Chief Privacy Officer (CPO) to oversee privacy compliance.
Although  privacy requirements are regulatory or policy-oriented, their implementation is always on information systems. It is very important for IT control and risk management professionals to understand how IT  controls will affect privacy compliance.
 Having  80+ countries having privacy regulations, how do you comply with all of them? The answer is Privacy by design. ISACA has introduced a new certification called CDPSE which focuses on Privacy By Design. While you are grandfathering that certification w/o passing the exam, do you really know what it is? This class gives you highlights of what it is about.
Prerequisite: Some background in controls or auditing or risk management


Who should attend: CPOs,  DPOs, Auditors, Privacy by Design professionals, IT Professionals, IT  managers, IT project managers. IT Auditors, Control professionals. Chief  Privacy Officers, IT auditors, security professionals, control professionals, healthcare professionals, financial services professionals, and management.
What Problem Does This Training Help Solve?
Helps you manage privacy risks originating from organizational policies and regulatory requirements based on Design.

Course Material: 
Content-rich manual/course handouts consisting of about 290 foils
Exam Support: Jay  Ranade will answer any written questions received up until 30 days after class. Please note that although questions will be sent by individuals, answers will be emailed to all attendees registered for the webinar. The identity of the question sender will not be disclosed. Jay will reserve the right to paraphrase the questions to enhance understanding.

CPE Credits: 14     Capacity: webinar - 15 people

Live broadcast webinar location: Anywhere in the world

Refund Policy: 80% refund on or before September 25 2023. Refund must be requested in writing and will not be accepted after the said date. 
Course Syllabus:
Privacy requirements that are related to individuals and data associated with those individuals arise from regulatory requirements such as GLBA,  HIPPA, PIPEDA (Canada), GDPR, CCPA, etc. This seminar will cover privacy risks from a management perspective as well as from an audit perspective.  It will include the implementation of privacy-related controls, privacy frameworks, privacy risk management, regulatory compliance, privacy policies, the role of the CPO, privacy auditing, and other related topics.
 To comply with ISACA certification general focus will be on:

  1. Privacy Governance
  2. Privacy Architecture
  3. Data Lifecycle

Topics to be covered:

  • What is Privacy? 12 questions of privacy
  • Principles of privacy
  • Privacy governance, management, and controls
    • Privacy policy FW
    • Privacy policy, data classification


  • Healthcare – HIPAA and HITECH
  • Financial services – GLBA
  • Privacy risk identification, assessment, treatment, and monitoring
  • USA vs. EU privacy
  • Safe Harbor vs. Privacy Shield
  • Privacy policies
    • Standards, procedures
    • IT Controls
    • IT-GC and IT-AC for Privacy


  • Privacy Frameworks
  • Privacy Impacts
  • 18 elements of PII
    • Anonymization


  • Privacy risk model
    • Data location, data ownership, data leakage


  • Privacy control objectives and controls
  • Internal Auditor’s Role in Privacy
  • Auditing Privacy controls
  • Privacy considerations for data storage, data processing, and data transmission
  • End of life media disposal
  • Encryption and access control
  • Confidentiality aspect of CIA
  • Responsibility and accountability
  • Privacy awareness and training of employees
  • Third-party exposures
  • Trans-border transmission of privacy-related information
  • Privacy and cloud computing
  • Privacy KRIs and KCIs

 Very Important:

Anyone who fails to make a payment online will not be considered an attendee.  Registering for this class does not automatically register you for CDPSE exam. Please register for the exam by logging on to ISACA international website: http://www.isaca.org

  • CPE  credits can be applied toward each ISACA designation that is held. Full  CPE credits will be awarded only if all sections of Exam Preparation classes have been attended.


  • Webinar sessions are not being recorded - it's a live broadcast.


  • You cannot switch between onsite and online sessions once decided if offered for this class.


  • Webinar access instructions are provided 5 days prior to the first day of class.


  • For webinar attendees, you can also test if you are able to connect to the gotowebinar website by following the instructions here: http://bit.ly/1JvcdSy