0845 450 6120

Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner - IBITGQ

The EU General Data Protection Regulation (EU GDPR) is new legislation that provides a single, harmonised data privacy law for the European Union. With the increasing risk of data breaches from cyber attack, the EU GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states. UK organisations have until May 2018 to comply with the new law, or potentially face fines of up to 4% of annual turnover or €20 million.

The Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner Combination course consists of the Certified EU General Data Protection Regulation Foundation (one-day) and Practitioner (four-day) training courses. This unique training programme provides a comprehensive introduction to the requirements of the EU GDPR, and a practical guide to planning, implementing and maintaining an EU GDPR compliance programme. It also enables delegates to fulfil the mandatory role of data protection officer (DPO) under the EU GDPR.

The course also supports professional development: delegates who pass the included exams are awarded the ISO 17024-accredited EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications by IBITGQ.

Who should attend this course?

  1. Managers who are already involved in data protection with either an information security or data protection background.
  2. Individuals with little experience but who wish to enter the field of data protection with a professional qualification.

See All Dates


Learning Objectives

This training course will provide delegates with detailed knowledge of the GDPR and its various provisions, offering practical implementation advice and guidance on the more technical aspects of data security.

Delivered by experts in the fields of data protection legislation and information security, the course combines practical application with theory to provide a solid grounding for real-world implementation.

Successful completion of the course demonstrates to employers that the candidate possesses essential knowledge of the GDPR, and a sound understanding of the practical implications and applications.


There are no formal entry requirements.

Please note that delegates must pass the EU General Data Protection Regulation Foundation (EU GDPR F) exam before they can be awarded the EU GDPR Practitioner (EU GDPR P) qualification.

Course Content

Certified EU General Data Protection Regulation Foundation

This Foundation-level course provides a complete introduction to the EU GDPR, and an overview of the key implementation and compliance activities.

  1. Essential EU GDPR background and terminology
  2. Key differences between the Data Protection Act and the EU GDPR
  3. Data subjects and their rights
  4. Dealing with subject access requests
  5. Marketing requirements
  6. The implementation path to EU GDPR compliance:
    1. Privacy by design
    2. Data privacy impact assessments (DPIA)
    3. Data audits
    4. Training and competence requirements
    5. Incident response and breach reporting
    6. Updating policies and procedures
  7. International data transfers
  8. Replacing Safe Harbour – the new requirements


Certified EU General Data Protection Regulation Practitioner

This Advanced-level course is focused on enabling delegates to fulfil the role of data protection officer (DPO) under the EU GDPR, and covers the Regulation in depth, including implementation requirements, the necessary policies and processes, as well as important elements of effective data security management.

  1. Setting up a privacy compliance framework
  2. The role of the DPO
  3. Common data security failures, consequences and lessons to be learnt
  4. GDPR privacy principles
  5. Data privacy impact assessments
  6. Developing a risk management framework
  7. Data mapping
  8. The rights of data subjects
  9. Consent rules
  10. Subject access requests
  11. The roles of and relationships between controllers and processors
  12. Dealing with third parties and data in the Cloud
  13. Demonstrating compliance with the GDPR
  14. Data breach reporting requirements
  15. Range of enforcement, regulatory and compensatory aspects of the GDPR

Exams & Certification

Delegates take the EU General Data Protection Regulation Foundation (EU GDPR F) and Practitioner (EU GDPR P) examinations consisting of 60-minute and 90-minute multiple-choice exams accredited by IBITGQ. There is no extra charge for these exams.

One Month
Two Months
Three Months
More than Three Months
PRINCE2 Foundation & Practitioner
MSP Foundation & Practitioner
APMP Certificate
ITIL Foundation
Scrum in One Day
Certified ScrumMaster
ISTQB Software Test Foundation
Microsoft Project
BCS Business Analysis Practice
Other - Please Specify Below

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include