FAS (Foundation)


Foundation, Application and Substance (FAS) Seminar with Certification and Service Check

Of the The General Data Protection Regulation (GDPR) and other local and global privacy and protection mandates are now into effect. However, the compliance component continues to be an evolving and on-going challenge for most organizations.

The Need

Given that GDPR and other data privacy and protection including IT and cybersecurity compliance is an ongoing journey, we recently asked our participants to discuss how their organizations had complied with GDPR. The headline figure revealed that less than half of the companies were ‘fully compliant’ on the enforcement date of 25 May, with roughly a quarter (27%) not fully compliant and the rest (23%) unsure.

Given the potential fines and reputational damage for non-compliance companies cannot afford to neglect the correct GDPR methodology for implementation. The focus on GDPR and data privacy and protection including IT and cybersecurity compliance will remain high on the corporate agenda of all businesses.

Who should participate

The post-implementation execution of the updated FAS seminar/workshop is for all individuals who are the stakeholders in managing data protection, privacy, IT Governance and IT and Cybersecurity within the organization. Participants with GDPR awareness who wish to improve the effectiveness of their IT Governance, Data and Compliance strategy, and streamline the GDPR processes will be able to use our methodology to ensure long-term compliance.

The scope of the seminar

The module based one-day event provides a comprehensive introduction and the practical understanding of the post-implementation implications and the legal requirements. The structured methodology and the implementation path to ensure EU GDPR compliance, and how GDPR stakeholders can help avoid additional work, loss of reputation resulting from data breaches, and the mandatory cyber resilience, data protection, and cybersecurity issues.

We will review current IT and data issues post GDPR implementation and how companies can now develop an IT and data security strategy.


The GDPR FAS certification course will provide a complete overview of the EU GDPR, with a practical understanding of the implications and legal requirements for an organization of any size. We will further focus on the practical application (Foundation) and the material substance of the GDPR articles on the GDPR execution including scope, approach, structure, data flows and mapping to ensure ongoing compliance. (Application & Substance) The multiple choice certification exam takes place after the seminar (smartphones or iPads are not suitable) on the web. The holder of an EU GDPR FAS qualification exam certificate is registered on the EUGDPR Institute® successful candidate record database to document registration and validity of your GDPR qualification.

Seminar content and topics covered will include:

  • The background of EU GDPR and important
  • An overview of the regulatory framework of local, regional and global privacy laws
  • How to document the data mapping process to identify personal data items, formats, transfer methods and locations;
  • The data subject’s rights to an individual’s personal
  • The hidden challenges of third-party vendor risk management
  • Consent management and cookie compliance
  • Procedure for Processing Efficient and effective management of subject access requests
  • Privacy by Design and Default
  • The What, When and How of Data Privacy Impact Assessments(DPIA)
  • Incident identification response and the response
  • The lifecycle of a data breach and breach reporting
  • GDPR and Sales and marketing requirements and the execution issues of post-implementation monitoring and controls
  • GDPR and Sales and marketing requirements and the execution issues of post-implementation monitoring and controls
  • The multijurisdictional & territorial scope of the EU GDPR
  • Updating the Privacy Shield, Codes of Practice, SCCs or Binding corporate rules
  • Conducting Data audits
  • Awareness training and competence requirements
  • We will also discuss the recent case studies for non-compliance and explore the global best practices that can lead to excellence in GDPR, data protection, privacy, IT and cybersecurity progress.

pre reading material will be provided and participants will receive some documents, policies, templates to be able to start the implementation process. A complete set of 25-30 documents are given after the completion of the 3-day CEP (Certified Expert Practitioner) certification seminar.