GDPR obligations and ISO 27001 ISMS design.

Understand the full scope of GDPR including lawful bases, data subject rights, controller versus processor roles, breach notification, and international transfers. Learn how to scope and design an ISO 27001 ISMS, complete a risk treatment process, and select Annex A controls that operationalize GDPR requirements.

Self-paced. 40 min per module.

Work through self-paced modules with practical real-world examples and scenarios that show how both frameworks apply in everyday compliance work. The course requires no prior legal or technical expertise and is designed for security, privacy, and compliance professionals who need to work across both frameworks with confidence.

Professionally Certified on completion.

Leave qualified to operate across GDPR and ISO 27001 simultaneously. You will understand the interplay between both frameworks, how Annex A controls support GDPR compliance, and how to contribute to integrated security and privacy programmes in organizations of any size.