培训会员
热门点击:参观考察 中层干部 研发管理 采购管理 海关事务 秘书文秘 人力资源管理 销售营销 绩效管理 仓储管理
您现在的位置: 森涛培训网 >> 公开课 >> 企业数据合规管理培训安全体系搭建培训 >> 课程介绍

企业数据合规、安全体系搭建与应对策略

【时间地点】
【培训讲师】 陈炽
【参加对象】 企业合规、法务、信息安全部门负责人,拥有合规、法务、信息安全职能的纪检监察部门负责人,从事合规、法务、信息安全实务操作的部门主管及一般员工,其他对数据合规、网络安全感兴趣的有识之士,以及想提高企业综合管理能力的优秀积极人士。
【参加费用】 ¥3980元/人 
【会务组织】 森涛培训网(www.stpxw.com).广州三策企业管理咨询有限公司
【咨询电话】 020-34071250;020-34071978(提前报名可享受更多优惠)
【联 系 人】 庞先生,邓小姐;13378458028、18924110388(均可加微信)
【在线 QQ 】 568499978 培训课纲 课纲下载    
【温馨提示】 本课程可引进到企业内部培训,欢迎来电预约!
培训关键词:企业数据合规管理培训,安全体系搭建培训

企业数据合规、安全体系搭建与应对策略(陈炽)课程介绍:

课程背景 Course Background:
    2018年5月25日,GDPR(欧盟通用数据保护条例,General Data Protection Regulation)正式生效,开启了一个新的数据合规时代。1000万到2000万欧元,或企业全球年营业额2%到4%的罚款让所有受其管辖的企业都必须将数据保护合规提升到生存高度予以应对。面对新法,企业的应对仍然显得十分不足。2017年,英国政府在“四大”协助下发布了富时350指数网络治理健康检查报告,报告显示近六成的受访者表示对GDPR不太或并不了解,同时仅有8%的受访者表示已经做了充分的准备,接近75%的人表示仅做了部分准备。那么从国内外来看,未来数据安全法规趋势如何?网络安全问题的本质是什么?企业如何规避不合规数据的风险?怎样提供可切实实施的风险整改计划?
    CCP法商精英荟特邀EY安永法证及诚信合规服务部门资深合伙人陈炽先生来为我们解读法规、分析案例、指点趋势。
    On May 25, 2018, the General Data Protection Regulation (“GDPR”) formally came into force, opening a new era of data compliance. A fine of Euro 10-20 million or 2-4% of annual global turnover forces the companies bound by GDPR to pay high attention to data protection compliance. However, enterprises’ response to GDPR seems to be quite inadequate. In 2017, the British government issued FTSE 350 Network Governance Report under the assistance of Big 4 Accounting Firms. The Report shows that nearly 60% of the respondents did not know much about GDPR, only 8% of them said they had made adequate preparations, and nearly 75% of them said they had made some preparations only. What is the future trend of the data security regulations at home and abroad? What is the nature of cybersecurity issues? How to avoid the risks of non-compliant data? How to develop a practical and feasible risk control plan?
    Mr. Chen Chi, a senior partner of EY Forensic & Integrity Services was invited to interpret GDPR, analyze cases and explain the trends.

课程收益 Course Benefits:
1. 了解GDPR、中国网络安全法及其他相关法律法规要点
Understand the main points of GDPR, the Cybersecurity Law of the People’s Republic of China and other relevant laws and regulations
2. 了解GDPR及其他相关法律对于企业所处行业的影响程度
Understand the impact of GDPR and other relevant laws and regulations on the industry
3. 了解企业各个层级部门应如何应对外界监管规定
Understand how the departments of enterprises at each level should cope with the regulations
4. 掌握提升企业数据合规、网络安全的方式方法
Learn the ways and means to improve enterprise data compliance and cybersecurity
5. 了解危机发生时应如何进行处理和应对的方法
Understand how to deal with crises
6. 学习先进风险评估框架,并能运用到实际工作中
Learn advanced risk assessment frameworks and apply them to practical work

谁该来参加 Who Should Attend:
企业合规、法务、信息安全部门负责人,拥有合规、法务、信息安全职能的纪检监察部门负责人,从事合规、法务、信息安全实务操作的部门主管及一般员工,其他对数据合规、网络安全感兴趣的有识之士,以及想提高企业综合管理能力的优秀积极人士。
Persons in charge of corporate compliance, legal affairs and information security departments; persons in charge of discipline inspection and supervision departments with the functions related to compliance, legal affairs and information security; department heads and general employees engaged in compliance, legal affairs and information security practices; far-sighted persons interested in data compliance and cybersecurity; and activists who want to improve the comprehensive management capabilities of their enterprises.

课程大纲 Course Outline:

一、GDPR及相关法律法规
GDPR and relevant laws and regulations
1. GDPR概述
GDPR overview
2. 中国网络安全法概述
Overview of the Cybersecurity Law of the People’s Republic of China
数据隐私保护Data privacy protection
网络安全等级保护Classified protection of cybersecurity
信息跨境传输Cross-border information transmission
网络安全监控与应急响应Cybersecurity monitoring and emergency response
3. 全球数据保护法律法规环境
Global data protection laws and regulations

二、数据合规、网络安全的趋势
Data compliance and cybersecurity trends
1. 数据安全事件及处罚案件
Data security incidents and punishment cases
2. 企业应对现状
Enterprises’ response
3. 从国内外大背景看趋势
Trends from the perspective of domestic and international background

三、企业应对策略
Enterprises’ countermeasures
1. 管理层应对策略
Countermeasures at the management level
2. 业务层应对策略
Countermeasures at the business level
3. 技术层应对策略
Countermeasures at the technology level

四、识别敏感信息
Identification of sensitive information
1. 数据生命周期管理
Data lifecycle management
数据信息的收集与使用
Collection and use of data information
数据信息的加工、传输与共享
Processing, transmission and sharing of data information
数据信息的保存与销毁
Preservation and destruction of data information
2. 识别个人数据、重要数据、商业秘密数据
Identification of personal data, important data and trade secrets

五、建立风险评估矩阵
Establishment of risk assessment matrix
1. 怎样确定数据安全评估标准
How to establish data security assessment standards
2. 定量化衡量风险等级及对企业的影响
Quantitatively measure risk levels and risk impact on enterprises
3. 怎样提供可切实实施的风险整改计划
How to develop a practical and feasible risk control plan

六、建立数据治理框架
Establishment of data governance framework
1. 数据治理的全过程
Whole process of data governance
2. 应对型数据治理及主动型数据治理
Passive and active data governance
3. 数据管理能力成熟度模型
Data management capability maturity model

七、搭建数据合规体系
Establishment of data compliance system
1. 进行GDPR及网络安全法适用性评估
Evaluate the applicability of GDPR and cybersecurity laws
2. 划分数据类型及区别制定合规策略
Classify data and develop different compliance strategies based on the classification
3. 更新与完善隐私政策
Update and improve privacy policies
4. 建立风险评估、记录与响应机制
Establish risk assessment, recording and response mechanisms

八、搭建网络安全体系
Establishment of cybersecurity system
1. 网络安全威胁类型
Types of cybersecurity threats
2. 常见的安全服务机制
Common security service mechanisms
3. 构建网络安全防护体系政策建议
Policies and suggestions for building a cybersecurity protection system

关于讲师 About the Speaker:
    陈炽先生
    陈先生任职于安永法证及诚信合规服务部门,担任法证技术合伙人。他专注于持续合规监控和管理体系、贸易合规、数据合规、信息和隐私保护、反垄断、风险预测分析、以及电子取证。以上领域均需要对结构化或非结构化格式的财务、运营和交易数据进行大量的深入分析。陈炽带领的团队利用数据可视化、统计建模和文本挖掘等先进的分析技术,帮助客户及时、高效地识别高风险交易或者行为,并积极提供应对办法。陈炽先后在美国、澳大利亚以及中国就职,拥有超过16年的综合咨询和审计工作经验,为众多财富500强企业和跨国公司提供服务,涉及生命科学、制造业、消费品、工业产品、建筑、科技、金融服务、能源和电讯等多个不同行业。
    Chen, a forensic technology partner of EY Forensic & Integrity Services, specializes in proactive compliance monitoring and management systems, trade compliance, data compliance, information and privacy protection, antitrust analytics, predictive risk analytics and eDiscovery, all of which require in-depth analysis of large and disparate sets of structured and non-structured financial, operational and transactional data. He leads his team to help clients identify high-risk transactions or behaviors in a timely, efficient and effective manner by leveraging advanced data analytics techniques including but not limited to data visualization, statistical modeling and text mining. He has more than 16 years of combined advisory and audit experience in the US, Australia and China. Besides, he has served many Fortune 500 and multinational companies in a variety of industry sectors including life sciences, manufacturing, consumer goods, industrial products, construction, technology, financial services, energy and telecommunications.


培训课纲 课纲下载


更多企业数据合规、安全体系搭建与应对策略相关课程:

课程专题企业数据合规管理培训安全体系搭建培训


关于我们 | 法律声明 | 服务条款 |热门课程列表 | 培训计划 | 网站地图 | 文字站点 | 加入收藏 | 用户中心
固话:020-34071250、34071978 值班手机:13378458028(可加微信) 传真:020-34071978
地址:广州市天河区东站路1号;常年法律顾问:北京市双全律师事务所 邓江华主任律师
粤ICP备13018032号 Copyright (c) 2019 All Rights Reserved 森涛培训网 三策咨询.企业培训服务