Data Protection Officer course

Enabling you to manage privacy compliance effectively

Privacy is no longer just a compliance or security issue. It has become a strategic topic at boardroom level since significant changes to the European legislation were announced. In today’s business environment, increasing focus is being placed on privacy and (cyber) security compliance, governance and incident management. To be successful, companies need privacy professionals who are capable to manage privacy and security in a risk based and integrated manner.

What makes this course different?

  • A hands-on approach focused on privacy risk management
  • Not just theory but real-life scenarios and business-focused solutions
  • A holistic approach of the legal, governance and operational/technical aspects of the privacy challenge
  • Useful tools and takeaways, quick reference guide, etc.

Target audience

  • The nominated DPO, CISO CIO or CRO
  • Any privacy professional, seasoned or novice
  • Non-privacy professionals who have privacy as part of their responsibilities
  • A board member or business manager seeking to get in-depth privacy knowledge

Course design

The Data Protection Officer Course runs over three consecutive days and is divided into 3 modules.

The course is fully hands-on with lots of different business scenarios as well as practical tools you can take home for immediate use on the job.

Each day, a number of useful tips will be given to help you with the exam afterwards.

Module 1 - Privacy fundamentals

  • Getting to know each other's situation and background and establishing each participant’s main goals
  • Learning the ins and outs of the applicable privacy legal framework as well as the interaction with different supervisory authorities
  • Analysing the potential impact of data protection requirements on your organisation
  • Applying the legal theory in practice via a scenario-based, interactive approach

At the end of this module, you will understand what the main (current and upcoming) privacy and data protection obligations are, what the law requires and how it is being enforced and applied in practice. In addition you will have learned how these legal and compliance requirements have an impact on your professional environment.

Module 2 - Privacy in practice

  • How should a DPO (or any privacy professional) interact with the rest of your organisation
  • How to “up and down-sell” privacy in your organisation and not have privacy get “lost in translation”
  • How to understand and connect the dots between the technical/operational, the people/management as well as the compliance side of privacy and data protection (basic concepts of security / IT / Privacy ROI / employee monitoring etc.)
  • What you should know when you engage with your colleagues at IT, legal and compliance, IT security, sales & marketing, HR, and even the board

At the end of this module, you will have learned the relevant basis concepts to get to know how other departments such as security / IT / HR / Marketing etc. work and think in relation to the privacy risks/requirements.

You will have obtained useful insights and tools (eg how to set up a privacy compliant security policy) to apply directly in your job and how to better ”sell” privacy within your organisation.

Module 3 - Privacy Governance

  • How to set up a realistic and manageable risk based governance structure
  • How to choose and start implementing a suitable (auditable) privacy program methodology for your organisation
  • How to effectively set up and monitor privacy compliance using tools such as e.g. privacy impact assessment, data mapping analysis, establishing a effective accountability framework, prepare for a data privacy audit from a data protection authority (DPA) etc. 
  • Using scenarios, we will start from scratch to build up a framework that enables you, the DPO, to efficiently manage and achieve privacy compliance in a phased, structured, long-term manner

At the end of this module, you will know what the main components are of a risk based privacy management program.

We will have explained which actions in each phase of your program will enhance the effective data privacy information gathering as well as its compliance monitoring in practice. Finally, this module will have provided you with useful tips on how to ensure your program can stand (external or internal) audit scrutiny.

DPO Course: Continuous Professional Education

Deloitte's DPO course has been accredited as Continuous Professional Education (CPE) by the following institution:


The European Privacy Academy’s DPO course is pre-approved by the International Association for Privacy Professionals for a maximum of 12 CPE credits for the holders of CIPP/E, CIPM and CIPT designations.

What our participants are saying

  • “Very interesting course with useful tips & tricks on introducing privacy awareness into your organisation”
  • “It exceeded my expectations”
  • “I will recommend this course to other people”

The two most important conclusions drawn out of the feedback received from our DPO course participants:

  • All attendees of the DPO course would likely or very likely recommend this course
  • The attendees to the most recent DPO course were privacy professionals active in various industry sectors in both international and local Belgian companies. The interactive approach of the course made it possible to cover the different challenges that all participants have to face and also provided the opportunity to learn from each other’s experiences. 

Upcoming DPO courses

February 2020 session

A session will be held on 3, 4 and 5 February 2020. 

Practical information

Price: € 2,490 (excl. 21% VAT)
Course language: English

Deloitte Gateway Building
Luchthaven Brussel Nationaal 1 J 
1930 Zaventem

More information

Other Data privacy courses offered by Deloitte include several department-specific courses.

Department-specific courses

open in new window More info

Get in Touch

Erik Luysterborg

Erik Luysterborg

Partner, Risk Advisory

Erik leads the Security & Privacy group as well as the European Data Protection & Privacy service line. He deals with security and privacy issues related to both traditional (out) sourcing as well as ... More