Data Protection Auditor Training

Overzicht Volgende training

Looptijd 3 dagen

Tijd van 09u00 - 12u00 & 13u00 - 17u00

Onze docenten voor de opleiding: Data Protection Auditor Training

Jan Decorte

Data Protection Auditor Training

This three-day training course offers Data Protection Officers and privacy professionals a practical approach to efficiently auditing and systematically monitoring their organization’s GDPR compliance, as expected of a DPO under Article 39(1)(b) of the GDPR.

The training combines international audit standards, governance principles, and concrete audit techniques with realistic case studies from the instructor/auditor’s professional practice. Participants learn not only how to prepare and conduct an audit, but also how to correctly formulate findings, identify risks, and communicate audit results in a clear and convincing manner to the governing bodies that bear ultimate responsibility.

This training begins with the question: “How can we objectively determine whether an organization is truly GDPR compliant?” It focuses on governance structures, audit methodologies, and certification and accreditation systems, while also referencing ISO standards such as ISO 27701 and actively applying audit standards such as ISO 19011. Throughout the training, participants work with real-world examples, interactive exercises, and simulations that prepare them for actual audit situations and the accurate preparation of DPO reports with clear action plans and realistic priorities.

Training features

DPO’s role in GDPR compliance

DPOs must independently oversee data protection compliance, using audit skills to assess risks and provide clear recommendations to management.

Enhanced DPO skills

Practice-oriented training, designed for DPOs who wish to strengthen their role as independent and critical overseers of data protection.

From audit to GDPR accountability

Assess data protection compliance in a systematic, audit-driven manner. This training adapts internal audit methods to data protection and GDPR accountability.

From objectives to audit plan

The training focuses on aligning data protection goals with a risk-based annual plan, covering both organisation-wide and thematic audits.

Plan – Conduct – Report

Using a case study, participants learn to plan, conduct, and report a GDPR audit, with focus on the DPO’s role, turning findings into improvements.

Train management reporting skills

The training builds practical management reporting skills to structure insights, present key performance indicators clearly, and deliver concise reports.

Course highlights

Practical GDPR audit training specifically designed for DPOs and privacy professionals
Insight into audit objectives, governance, and compliance monitoring
Implementing the obligation set forth in Article 39(1)(b) of the GDPR regarding the DPO’s supervisory role
Overview of certification, accreditation, and ISO systems
In-depth introduction to ISO 19011 and the six audit phases linked to the PDCA cycle
Techniques for interviews, evidence gathering, and formulating findings
Focus on facts versus assumptions in audit reporting
Practical examples and real-life cases from experienced auditors
Introduction to AI tools and prompting in an audit context
Interactive group assignments and boardroom simulation
Practice in presenting a major finding to an executive committee

Target group

Are you a DPO, an internal or external auditor or do you want to further improve your advice for customers? Do you need guidance for a GDPR audit? Do you want to assess processors on GDPR or do you want to carry out external audits? Then this training is for you. GDPR knowledge is required for this training.

Learning goals

Educational approach of this course

This module is taught in English and takes place in a training room in a hotel.

The training is provided by teachers who are top experts in their field. The teachers present the subject matter by means of a presentation.

There is interaction with the group during the explanation. Typically, the group for this course is about 20 students (minimum 8, maximum 24 students).

Each student receives a printed version of the training material with space for taking notes. In addition, the information is made available in a digital learning environment. For all knowledge items, the teacher refers to practical examples.

How to prepare yourself

DPO certification or an introductory course GDPR.

You do not have to prepare anything prior to this training, except for a refresher on the main principles of the GDPR.

Click here for more information about our teachers.

Dag 1

09u00 - 17u00

Fundamentals of Auditing and Compliance

The first day begins with an overview of the different types of audits and the essential characteristics of an effective audit. We will also explore the relationship between auditing, governance, and organizational structure. On the first day, we will focus on conducting an ISO 19011 audit, including formulating audit objectives, developing an audit plan, and designing audit activities step by step.

The central question here is: how do we verify whether an organization is GDPR compliant, and what objectives does a client or organization aim to achieve through this? Participants will receive an overview of different types of audits and the essential characteristics of an effective audit.

Dag 2

09u00 - 17u00

Audit Methodology and Practical Application

The second day focuses on the practical execution of audits. The six audit phases are discussed in detail and linked to the PDCA cycle. Additionally, attention is given to social styles and communication skills, so that auditors can more effectively deal with different types of auditees.

Furthermore, the instructor covers techniques for obtaining relevant findings, distinguishing between facts and assumptions, and drafting clear and actionable audit reports. All topics are supported by practical examples and experiences from real-world audit situations. We also explore the use of Artificial Intelligence in auditing: where can you apply AI, and what factors should you consider?

At the end of the day, participants work in pairs on a practical exercise that involves identifying and reporting one or more non-conformities. The results are discussed in a group.

Dag 3

09u00 - 17u00

Exercises, Simulation, and Reporting to the Board

The third day begins with a discussion of the individual exercise and the key takeaways. Participants then work in pairs on a second practical exercise in which they analyze and prepare one or more audit findings.

The highlight of the training is a boardroom simulation in which participants present a significant finding to a fictional board of directors, played by members of DPI. In doing so, they practice not only their audit knowledge but also their presentation, communication, and persuasion skills in a realistic management context.

Prijs

€2.195

Exclusief BTW

Inclusief lunch, koffie, versnaperingen, cursusmateriaal & examen.

Prijs overheidsinstellingen €1750
KMO-Portefeuille - hogere tussenkomst voor thema CYBERSECURITY: 45% voor kleine en 35% voor middelgrote ondernemingen.

Vraag uw offerte

Registreer nu

Boek een gesprek

“”De GDPR Lead Auditor Training heeft me het kader en de tools gegeven om zelf aan de slag te gaan binnen het Wit Gele Kruis West-Vlaanderen.””

Angeline Pieters

Wit Gele Kruis West-Vlaanderen
“”De GDPR Lead Auditor bij DPI was intensief en leerrijk. We kregen nuttige best practices mee, een aanrader voor elke DPO.””

Gwendoline Senecaut

Stadsbestuur Middelkerke
“”De audit en compliance opleiding laat je gestructureerd kijken als externe objectieve waarnemer naar GDPR compliance van een bedrijf in al zijn facetten. GDPR compliance gestructureerd bekijken en beoordelen als bedrijfsproces en niet als one shot project.””

Yves Van Hecke

GDPR compliance @ AG Insurance

Planning 2026

Naam

Datum

Plaats

Taal

Inschrijven

Data Protection Auditor Training

22 juni tem 24 juni 2026

Park Inn By Radisson, Diegem

Sign me up

Data Protection Auditor Training

21 juni tem 23 juni 2027

Park Inn By Radisson, Diegem

Sign me up

We are recognized by:

Registratienummer KMO portefeuille: DV.O213013

Onze opleidingen zijn erkend voor de KMO-portefeuille. Hierdoor kan je van de Vlaamse Overheid, afhankelijk van of je een kleine of middelgrote onderneming bent, 30%, respectievelijk 20% subsidie krijgen op de inschrijvingsprijs.
Erkenning door Vlaanderen (Vlaams Opleidingsverlof)

Werknemers in de privésector hebben onder bepaalde voorwaarden recht op het Vlaams opleidingsverlof. Ze mogen afwezig zijn op het werk om een opleiding te volgen, terwijl hun loon wordt doorbetaald. Na de opleiding kan de werkgever een forfaitair bedrag terugbetaald krijgen als compensatie.
Juridische punten Orde van Vlaamse Balies

Indien je een individueel vormingsdossier bij de de Orde van Vlaamse Balies indient, kan je dit 30 juridische punten geven in het kader van algemene vorming.
Erkenning door Instituut van de Accountants en de Belastingconsulenten

Onze opleiding is erkend door het iec-iab. Het opleidingsprogramma komt in aanmerking voor de bijscholingsverplichtingen.
Erkenning door Instituut voor Bedrijfsrevisoren

Onze opleiding is erkend door het IBR-IRE. Het opleidingsprogramma komt in aanmerking voor de bijscholingsverplichtingen.
Erkenning door Instituut voor Bedrijfsjuristen

Onze opleiding is erkend door het IJE-IBJ. Het opleidingsprogramma komt in aanmerking voor de bijscholingsverplichtingen.
Erkenning door Gewestelijke Overheidsdienst Brussel (Brussels Betaald Educatief Verlof)

Onze opleiding is erkend door Brussel Economie en Werkgelegenheid van de Gewestelijke Overheidsdienst Brussel. Het opleidingsprogramma komt in aanmerking voor Brussels Betaald Educatief Verlof.