UP Building, Piet Heinkade 55, 1019 GM, Amsterdam


Paolo Balboni

Prof. Dr. Paolo Balboni is a top-tier ICT, privacy & data protection lawyer and Founding Partner of ICT Legal Consulting. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. Co-chair of the Privacy Level Agreement (PLA) Working Group of Cloud Security Alliance and the main drafter of the CSA Code of Conduct for GDPR compliance. President of the European Privacy Association. Lead Auditor BS ISO/IEC 27001:2013 (IRCA Certified)

Price: €2,000 + VAT

Course description:

Enterprises around the world are looking for ways to show their compliance to Europe’s General Data Protection Regulation (GDPR). The Cloud Security Alliance (CSA) has developed a Code of Conduct designed to offer both a tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider.

The purpose of this 2-day course is to qualify the first auditors that would be able to audit companies against the requirements of the CSA Code of Conduct for GDPR compliance Certification. The course will cover the following areas:

GDPR Fundamentals & CSA CoC: Objectives, Scope and Methodology
CoC Controls 1-5: CSP declaration of compliance & accountability, CSP relevant contacts, ways in which data will be processed, recordkeeping and data transfer.

CoC Controls 6-10: data security, monitoring, personal data breach, data portability & migration, and restriction of processing.

CoC Controls 11-15: data retention/restitution/deletion, cooperation with the cloud customers, legally required disclosure, remedy for cloud customers and CSP insurance policy.

CoC Governance and Adherence Mechanisms