top of page

Auditing GDPR and Data Protection

The CIIA’s “Risk in Focus 2019” report highlighted Data Protection as one of the key risks facing organisations across Europe and barely a day goes by without news of the latest data breach or data risk management failure. As a result, internal auditors are increasingly being asked to provide insight and assurance over GDPR and data governance, risk management and control. 


This event will equip you with the skills and confidence to conduct your own professional internal audit assurance and advisory engagements in these topical areas, as well as providing an informative overview of these fascinating subjects. 


Who should attend?

This course is designed for chief audit executives, internal audit managers, senior internal auditors and internal auditors involved in planning and delivering assurance engagements in these topical areas. It is also suitable for other professionals in the second line who are interested in finding out more about these subjects.


The course includes facilitator input, short practical discussions and a number of task-based exercises to reinforce your understanding and build upon existing knowledge.


Course Programme

We will cover:


  • An overview of data protection, GDPR and data risk

  • Topical organisational data risk failures

  • Understanding your organisation’s data risks

  • What does good look like for data risk management?

  • Different internal audit approaches and options

  • How to achieve a successful audit engagement 

  • Pitfalls to avoid in practice and opportunities to seize


The course includes facilitator input, topical examples, short practical discussions and exercises to reinforce the learning and build upon your existing knowledge.

John Chesshire 

John Chesshire, CFIIA, QIAL, CIA, CISA, has over 22 years' experience working in the internal audit, risk management, business improvement and governance fields. John is a Fellow of the Chartered Institute in the UK, is an Independent Internal Audit Committee Chair and has recently been Chief Assurance Officer for the States of Guernsey. 


He has delivered many well-received courses to several European Institutes of Internal Auditors and his other recent clients include FTSE listed companies, multinationals, central and local government, law enforcement, international charities, professional services companies, and international organisation such as NATO, the OECD and UN Agencies. 


He is a principal examiner for the Institute of Risk Management and has been a visiting lecturer in the Governance and Assurance Hub at Birmingham City University. He loves internal audit and particularly enjoys working in new and emerging areas of assurance interest.



John Chesshire


Day : 04/10/2022

09.00 - 16.00 (with 30min lunch break)

CPE Credits



Member 475 EUR 

Non-member 550 EUR






bottom of page