0345 4506120

Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner - IBITGQ


Learn from the experts how to meet the requirements of the EU General Data Protection Regulation (GDPR). Gain knowledge of the Regulation, a practical understanding of the methods and tools for implementing and managing an effective compliance framework, and how to fulfil the role of data protection officer (DPO).

The Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner Combination course consists of the Certified EU General Data Protection Regulation Foundation (one-day) and Practitioner (four-day) training courses. This unique training programme provides a comprehensive introduction to the requirements of the GDPR, and a practical guide to planning, implementing and maintaining a GDPR compliance programme. It also enables attendees to fulfil the role of DPO.

Delivered by an experienced data protection consultant, the course is built on the foundations of our extensive practical experience advising on implementing compliance with data privacy laws and related information security standards such as ISO 27001.

Accredited qualification

The course also supports professional development: attendees who pass the exams are awarded the ISO 17024-certificated EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications by IBITGQ. It is also accredited by the Institute of Information Security Professionals (IISP) and satisfies the IISP Skills Framework requirements at Level 1: A1, A2, A3, A4, A5, A6, A7, B1 and C2.


Learning Objectives

Who should attend this course?

 - Business directors or managers who want to understand how the requirements of the GDPR will affect their organisation.

 - Managers involved in or responsible for GDPR compliance, such as:

    • Privacy managers;
    • Data protection managers;
    • Information security managers;
    • IT managers;
    • Project managers;
    • Corporate governance managers;
    • Risk and compliance managers;
    • General or privacy counsels; and
    • Finance, HR or marketing managers.

 - Individuals with a basic knowledge of data protection regulation and practices, and looking to develop their career with a professional qualification.

Course materials include:

    • A real-life case study
    • Data protection impact assessment tool
    • GDPR compliance gap assessment tool
    • Course slides
    •     The tools are included free of charge for all attendees to use in the workplace.


There are no formal entry requirements although delegates must pass the Foundation examination before they can sit the Practitioner examination.

Course Content


Certified EU General Data Protection Regulation Foundation

This Foundation-level course provides a complete introduction to the GDPR, and an overview of the key implementation and compliance activities.

What will you learn on this course?

  • Essential General Data Protection Regulation (GDPR) background and terminology
  • The six data protection principles
  • Special categories of personal data
  • The rights of data subjects, including data access requests
  • Controllers and processors
  • Data protection by design
  • Securing personal data
  • Reporting data breaches
  • How to perform a data protection impact assessment (DPIA)
  • The role of the data protection officer (DPO)
  • Transferring personal data outside the EU
  • The powers of supervisory authorities


Certified EU General Data Protection Regulation Practitioner

This Practitioner-level course is focused on equipping attendees with the knowledge and skills to implement and manage an effective privacy and information security compliance programme under the GDPR, and fulfil the role of the role of DPO.

The course takes a practical approach, using:

  • a real-life case study to demonstrate best practices and methodologies,
  • a DPIA tool to help assess and address privacy risks, and
  • a GDPR compliance gap assessment tool to help prepare a compliance plan.

What will you learn about on this course?

  1. The role of the DPO
  2. What constitutes personal data
  3. Accountability, the privacy compliance framework and PIMS (personal information management system)
  4. Lessons to be learnt from common data security failures
  5. The six data protection principles – how to apply them and demonstrate compliance
  6. Security of personal data
  7. Organisational risk management framework
  8. Legal requirements for a DPIA (data protection impact assessment)
  9. How to conduct a DPIA with a DPIA tool
  10. Why and how to conduct a data mapping exercise
  11. The rights of data subjects
  12. Giving and withdrawing consent
  13. Handling data subject access requests
  14. Roles of, and relationships between, controllers and processors
  15. Transferring personal data outside the EU, and the mechanisms for compliance
  16. How to prepare for GDPR compliance using a compliance gap assessment tool

The course includes:

  • Professional training venue
  • Comprehensive course materials
  • EU General Data Protection Regulation Foundation (EU GDPR F) and Practitioner (EU GDPR P) exams    
  • Certificate of attendance

Exams & Certification

Attendees take the EU General Data Protection Regulation Foundation (EU GDPR F) and Practitioner (EU GDPR P) examinations consisting of 60-minute and 90-minute multiple-choice exams certificated by IBITGQ. There is no extra charge for these exams.

Please note that all EU General Data Protection Regulation (GDPR) Foundation and Practitioner exams are now online exams, so you will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1-2 days before sitting the exam.

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include