GTAG 5: Managing and Auditing Privacy Risks

The Institute of internal Auditors Philippines, Inc.

The Institute of Internal Auditors (IIA) Philippines is a professional organization dedicated to the advancement of the internal audit profession in the country. Our members, who work in internal auditing, risk management, governance, internal control, information technology audit, education and security, came from various industry or sectors in the Philippines and belong to a global network of almost 200,000+ professionals from more than 170 countries and territories sharing a common vision of a global profession of internal auditing.

The Institute of Internal Auditors Philippines Inc. (IIAP) was registered with SEC in 1982 and formerly known as The Institute of Internal Auditors, Inc. – Manila Chapter. It was founded on August 14, 1948 by Mr. Santiago F. Dela Cruz Sr. along with a small group of accountants actively engaged in the profession. Mr. Dela Cruz, who is considered to be the moving spirit of the association, is the same man who, two years earlier than IIAP, co-established the Philippine College of Commerce and Business Administration (PCCBA) which we now know as the University of the East.

The IIAP despite some struggles during its formative years was able to attain full-fledged stature as a professional association upon earning its “Institute” status from The Institute of Internal Auditors (IIA Global) in 1990. At the time, IIAP is 1 of the 6 (six) chapters in the Pacific Region (others were in Bombay, Tokyo, Sydney, Melbourne and Ceylon). On its 75th Anniversary Celebration and Global Business Meeting last 16-17 July 2016 at New York Hilton Midtown, the IIAP was acknowledged as the 3rd Chapter organized by the IIA Global since the latter’s founding in 1941 still then headquartered in New York City, USA

Event Details

Focus and Features

Individuals and institutions are taking drastic measures to flatten the curve of COVID-19 infections, and these measures, while important, may threaten our recently recognized privacy rights.

Privacy is a risk management issue for businesses, governments, and nonprofit organizations. Consumers are concerned with how businesses and organizations use and protect this information. Business owners and management want to meet the needs and expectations of their customers, business partners, and employees; keep any commitments pursuant to contractual agreements; and comply with applicable data privacy and security laws and regulations.

To become an effective Internal Auditor, the main objectives of this training are as follows:

Understand why Privacy is important in enforcement activity, incident management and laws, rules and regulations,
Understand your obligations and ensure compliance with applicable laws and regulations when processing Personal Information and
Develop a privacy audit program that will enable you to identify and evaluate the key risks as well as come-up with recommendation on the improvement of your company's privacy compliance program.

Attendees will gain a foundation of knowledge that will allow them to properly prepare for and conduct a successful audit of the privacy compliance program.

What You Will Learn

I. Introduction to Privacy

What is Privacy?
Definition of Personal Information
Privacy Roles (Data subject, Data Controller, Privacy Officer, etc.)
Internal Auditing's Role in the Privacy Framework
Privacy Audit

II. AICPA/CICA Generally Accepted Privacy Principles (GAPP)

Management
Privacy Notice
Choice and Consent
Collection
Use, Retention and Disposal
Access
Disclosure to Third Parties
Security for Privacy
Quality
Monitoring and Enforcement

III. Privacy Risk Assessment

Significance and Likelihood of Privacy Risks
Privacy Heat Map (Risk Map) using GAPP Framework

IV. Audit Process

Engagement Planning
Performing Engagement
Communicating and Monitoring Audit Results

V. Case Studies

VI. Seminar Conclusion

Plan for Action

Number of CPE Units : 3

CANCELLATION POLICIES

1. Cancellations received less than 3days prior to the event will be charged a cancellation fee, which is 50% of the registration fee. Cancellation in zoom registration does not mean you are cancelling your registration in our seminar, please send us an official email.

2. No-show registrants will be charged 50% of the registration fee.

3. Substitutions are allowed on two conditions:

-The event/training should be the same.

-The membership status should also be the same, if the other participant is a non-member, he/she must pay the difference.

Speakers

Michael Cabatuando

ASPAC Privacy Compliance Head and Data Protection Officer at Johnson & Johnson

Mike is the ASPAC Privacy Compliance Head and Data Protection Officer for Johnson and Johnson. He is the ASPAC Privacy Compliance Head for Consumer and Corporate sector. He reports to the Chief Privacy Officer based at the headquarters of Johnson and Johnson at New Jersey.

He previously held various roles at the Global Finance Services (GFS) of Johnson and Johnson from Compliance Head of Manila Shared Service Center to Regional Compliance Manager supporting the Country Finance Centers (COEs) in ASPAC.

During his stint in the role, Mike is a recipient of the “Encore Platinum Award” (prestigious citation for J&J employee) for his excellent performance in documentation of Company’s processes and controls. He also led several initiatives for GFS such as establishment of the SOX Program, Compliance Training and System’s Access reviews (SSC Manila), Audit Readiness, Standard Operating Procedures, Document Control Matrices, Test Scripts and Consulting Reviews for Project Implementations.

Sponsors and Partners

Member's rate

Member Price₱995

Non-member's rate

Public Price₱1,995

REGISTRATION AND CANCELLATION POLICIES

All registrations shall be paid prior to the actual event/ seminar date.
If cancellations were done with proper communication received at least 7 calendar days before the event/ seminar date, 100% of the registration fee will be automatically credited as a training fund.
If cancellations were done with proper communication received one (1) to six (6) calendar days before the event/ seminar date, only 50% of the registration fee will be automatically credited as a training fund.
Cancellations with or without proper communication made on the same day of the event/ seminar may result to "no show" and forfeiture of payment.
Substitutions are allowed as long as the replacement has the same membership status; otherwise, the difference in the ticket price must be settled.

PAYMENT INSTRUCTION

Payment should be made through IIAP's bank account under UNIONBANK OF THE PHILIPPINES (UBP).

Note that the submission of Proof of Payment is still mandatory for Invoice issuance.

BANK DETAILS FOR DIRECT DEPOSITS (CASH OR CHEQUE), ONLINE FUND TRANSFERS, WIRE REMITTANCE

Account Name: Institute of Internal Auditors Philippines, Inc.

Bank Name : UNIONBANK OF THE PHILIPPINES

Branch: Insular Ayala-Paseo Branch

Bank Address: GF Insular Life Building Ayala Avenue corner Paseo de Roxas Makati City

Swift Code: UBPHPHMM

Account no. :0030 6000 2627 (Peso Checking Account)

Purpose of Transactions : for Seminar/Events Registration and Membership Fees

IMPORTANT! Mandatory submission of proof of payment

via IIAP Website:https://bit.ly/submitProofofPayment

Email it to: training@iia-p.org

The Institute of internal Auditors Philippines, Inc.

Contact us

Event Details

Speakers

Michael Cabatuando

Sponsors and Partners

Tickets

Member's rate

Non-member's rate

The Institute of internal Auditors Philippines, Inc.

Contact us

GTAG 5: Managing and Auditing Privacy Risks

Event Details

Speakers

Michael Cabatuando

Sponsors and Partners

Organizer

Tickets

Member's rate

Non-member's rate