Buy Now

Certified GDPR Lead Implementer

About Certification

GSDC's Certified GDPR Lead Implementer certification is aimed towards providing in-depth knowledge and practice to establish and maintain a Personal Information Management System in line with the Privacy requirements including GDPR. Certified GDPR Lead Implementer is responsible for setting the highest standard of data protection modified to their organizational needs in line with industry standards. GDPR Lead Implementer Certification helps you in gaining a comprehensive understanding of the concepts and approaches required for the effective alignment for organizations with the General Data Protection Regulation.

Certification badge for Certified GDPR Lead Implementer


Certified GDPR Lead Implementer course module's objective is mainly to share a deep understanding of:

  • Privacy concepts and PII categories
  • Privacy Principles
  • Phases of PII processing Lifecycle
  • Requirements of BS 10012:2017 +A1:2018 and GDPR to establish PIMS including Data inventory & data flow, Privacy Impact Assessments, etc.
  • Interpret the requirements from an implementation perspective in the context of their organization.
  • Conduct a baseline review of the organization's current position with regard to BS 10012:2017 +A1:2018 and GDPR.
  • Integrate globally acceptable best practices with the present management system


Target Audience


Data Privacy Officers and those who will be involved in advising top management on the introduction of BS 10012:2017 +A1:2018 into an organization.

Designed for core implementation teams with the responsibility of compliance with global privacy compliance frameworks.

Those planning to lead and implement a system, or new to managing a system

Consultants responsible for implementing data privacy frameworks



After the completion of this certification, participants will have:

Understanding of effective personal information management within an organization that protects personally identifiable information (PII) within information and communication technology(ICT) systems.

Understanding of common privacy terminology and the common Privacy Principles

Understand of privacy safeguarding requirements

Learning about crucial processes, policies, and procedures that can be put into practice immediately including Privacy Impact Assessment, Risk Treatment, Data Inventory & Data Flow

Ability to create a framework for your own Personal Information Management System (PIMS) in line with the requirements of the Global Data Protection Regulation (GDPR).

Gathering knowledge to develop a PIMS framework and building awareness and support for privacy across your organization

Capability to protect personal information and meet stakeholder expectations

Influencing continuous professional development across your organization



Basic understanding of privacy principles.

Knowledge of the information security management principles and concepts.



There will be a multiple-choice exam of 40 marks.
You need to acquire 26+ marks to clear the exam.
If you fail, you can retake the exam after one day.
In case Participant does not score passing percentage then they will be granted a 2nd attempt at no additional cost. Re-examination can be taken up to 30 days from the date of the 1st exam attempt.



Exam Syllabus

1. Introduction

  • Introduction to GDPR & Privacy concepts
  • GDPR Background
  • Territorial scope
  • Mapping of GDPR with BS 10012:2017
  • Privacy Terms and Definitions
  • How do we recognize PII?
  • Phases of PII processing Lifecycle
  • Privacy Principles - BS10012:2017 and GDPR
  • Rights of Natural Persons
2. Identification of Context of Privacy in Organization
  • Leadership and Commitment to Data Protection - PIMS Policy
  • Organizational Roles & Responsibilities
  • Planning - Actions to address risks and opportunities
  • Embedding PMS in the organization's culture
  • Legal basis
  • Data Inventory & Data Flow

3. Privacy & Planning

  • PIMS objectives & planning to achieve them
  • Operational Planning & Control
  • Data Protection Officer & Data Protection Representatives
  • Training & awareness
  • Implementing the Principles of GDPR
  • Implementing Rights of natural persons
  • Incident Response and Breach Reporting
4. Transfers & Audits
  • Cross Border Transfers
  • Certification Schemes - Proposed
  • Supervisory Authority
  • Sub Contracting
  • Obligations of Controllers and Processors
  • Cloud computing
  • Performance Evaluation
  • Internal Audit
  • Introduction to Audit Process
  • Audit Planning including Checklist
  • Conducting an onsite audit for privacy
  • Writing non-conformities
  • Management review and Continual Improvement

295 Turnpike Rd block 519, Westborough, MA 01581, USA
Hohenstieglen 6, 8152 Glattbrugg, Switzerland +41 41444851189