IS/DPP for staff #1 - intro

- Internal -

IS/DPP Baseline Training

E-learning - Intro

2- Internal - Page

IS/DPP

INFORMATION SECURITY

DATA PROTECTION

PRIVACY

3- Internal - Page

IS/DPP


DATA PROTECTION

PRIVACY

4- Internal - Page

IS/DPP


DATA PROTECTION

PRIVACY

5- Internal - Page

Why Do We Need Training?

6- Internal - Page

Training Objectives

Create awareness about IS/DPP

7- Internal - Page

Training Objectives


Give a high-level overview of the ACG policy framework on IS/DPP Refresh the basics and principles on IS/DPP

8- Internal - Page

Training Objectives



Answer the question: “What is my role, as a staff member, in IS/DPP?” Give some guidance on good and bad practice.

9- Internal - Page

Training Objectives



Answer the question: “What is my role, as a staff member, in IS/DPP?” Give some guidance on good and bad practice.

Provide signposting to where you can find more information and guidance

11- Internal - Page

What will You Learn?

What is information classification? Why is it needed? What are the different classification levels of data handled at ABC?

12- Internal - Page



What are the general principles of IS/DPP?

13- Internal - Page




What are “layers of defense”?

14- Internal - Page




What are “layers of defense”? How do I, as a staff member, contribute to those layers of defense?

16- Internal - Page

For ACG

17- Internal - Page

Centrally

18- Internal - Page

You

19- Internal - Page

For You

As a part of ACG handling ACG data

20- Internal - Page

For You

As a data subject:

staff member, cardholder,…

As a part of ACG handling ACG data

21- Internal - Page

IS/DPP is not… (just) hacking

22- Internal - Page

IS/DPP is also… social engineering.

23- Internal - Page

IS/DPP is also… incidents.

24- Internal - Page

IS/DPP is also… thinking like an attacker

25- Internal - Page

IS/DPP is not… new

Code of Conduct:

I. I act fairly, honestly and transparentlyII. I respect othersIII. I comply with the law and professional standardsIV. I comply with instructionsV. I manage conflicts of interestVI. I comply with data protection and information securityVII. I work in the customer’s best interestVIII. I protect ABC’s interestsIX. I act professionallyX. I report any irregularity observed

Insert ABC’s code of conduct principles, e.g.

26- Internal - Page

ABC IS/DPP Policy Framework

27- Internal - Page

ABC IS/DPP Policy FrameworkAbout continuously

Changes• In the regulatory environment• In processes• In people (JLT)• In technology

28- Internal - Page

ABC IS/DPP Policy FrameworkAbout continuously

Environment

Physical

HumanDevice

Application

Repository

Carrier


Net

wor

k

Data

3rd Parties

29- Internal - Page

Blocks in the Course

Environment

Physical

HumanDevice

Application

Repository

Carrier


Net

wor

k

Data

3rd Parties

1. Introduction

2. Why?

3. Data (Classification)

4. Layers

5. Access

6. Acceptable Use

7. Incidents

8. Monitoring

30- Internal - Page

More Information on IS/DPP at ABC

Intranet: (insert hyperlink)

31- Internal - Page

Relevant Points of Contact

IT Helpdesk Incidents

Information Security OfficerISO

Support relating to information security (= overall + more technical side)

Data Protection OfficerDPO

Support relating to personal data protection

Information Asset OwnerIAO

Centralization of information / documentation on an Information Asset

Human ResourcesHR

Support on Join, Leave, Transfer

Procurement Unit Support on Relationships with Third Parties

Legal Unit Support on agreements

Marketing Unit Support on use of (personal) data for marketing

Who is Who in IS/DPP?

32- Internal - Page

What do we Expect of You?

General Mandatory “Please” “Pretty Please”Baseline Test X

Baseline Videos X

Higher Belt Test X

Extra Videos X

Policies X

Guidelines X

Monitoring X

Useful links X

Target Group Mandatory “Please” “Pretty Please”Classroom Training X

Test X

33- Internal - Page

Be a Hero. Help us Protect.But Most of All…

IS/DPP

IS/DPP for staff #1 - intro

Education

Transcript of IS/DPP for staff #1 - intro