Privacy and Data Protection: An introduction to the global landscape of data privacy 

Dates Available:

Costa Mesa (SOLD OUT)

28-31 October 2019 | 8:30AM - 5:00PM

Course Overview

Course Duration: 4 days
CPE: up to 32

Course Description

In an increasingly interconnected world, where legal scrutiny, fines, and reputational harm are growing concerns, organizations must protect people’s privacy by taking into account not only technical security measures, but also by being mindful of how data is used. Participants can expect to establish foundational knowledge of privacy terminology and practices, including privacy impact assessments, incident management, privacy enhancing technologies, privacy audits, and GDPR requirements, as well as gain practical insights regarding how privacy requirements are operationalized at different types of organizations.

Course Objectives

Upon completion of this course you should be able to:

  • Learn the sources of privacy requirements
  • Understand privacy principles and frameworks
  • Obtain an overview of regional approaches to privacy including the California Consumer Privacy Act
  • Explore the EU General Data Protection Regulation
  • Recognize the form and function of privacy impact assessments
  • Describe privacy incident and breach response plans
  • Identify valuable privacy program metrics
  • Understand privacy audits
  • Discover emerging trends impacting personal and corporate privacy
  • Learn about privacy enhancing technologies



“It was an excellent
training course that
I recommend others in
my organization attend.”

Hilda, IT Specialist, Info Security

 Go Green

Costa Mesa (SOLD OUT)

Early Bird Cost—before 9 September 2019: $2,295 member / $2,495 non-member
Standard Cost: $2,495 member / $2,695 non-member
Cancellation Deadline: 23 September 2019

*All pricing is in US dollars unless otherwise noted.

Attendance at all ISACA Training Week Courses include the following:

  • 4-day instructor-led training course
  • Course materials
  • Continental breakfasts
  • Morning and afternoon coffee breaks
  • Lunches daily

Dinners, travel, hotel and parking accommodations are the responsibility of the attendee and are not included in the cost of the course registration.

Payment Methods

Choose one of these easy ways to pay

  1. Pay online at
  2. Mail your payment to: ISACA, 1055 Paysphere Circle, Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and ISACA Training Week on the Advice of Transfer.]

Event Registration Policy

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, course fees must be received two weeks before the course begins. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. Course materials are not guaranteed to those who register on site or fail to submit payment two weeks prior to the event.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the cancellation deadline above. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees. If attendee has already received the materials for the course, they will not qualify for a refund or credit.

If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact ISACA.
Phone: +1.847.660.5505
Fax: +1.847.253.1443

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits by attending the four-day ISACA Training Week Course. ISACA training week courses are Group Live and do not require any advanced preparation.

Disclaimer Policy

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: Unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, click on the "Click here to join now" link in your conference registration shopping cart. For more information about ISACA membership, visit the web site at or contact the membership department at

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.


Business casual is appropriate for all training events.


Obtaining a VISA is solely the responsibility of the registrant. Please contact the local government of the host country for details. Once a paid registration is received, a letter of invitation will be provided by ISACA, on request.

Course Location


Costa Mesa

Deloitte Offices
695 Town Center Drive
Costa Mesa, CA 92626

Hotels Nearby

The Westin South Coast Plaza
686 Anton Blvd
Costa Mesa, CA 92626

Costa Mesa Marriott
500 Anton Blvd
Costa Mesa, CA 92626

Hilton Orange County
3050 Bristol St
Costa Mesa, CA 92626

Avenue of the Arts
3350 Avenue of the Arts
Costa Mesa, CA 92626



Stephen Sharon

Stephen Sharon

Stephen Sharon is a Manager in Deloitte & Touche LLP’s Cyber Risk Services practice and has over ten years of privacy consulting experience. He has worked with senior leaders at numerous large organizations to assist them in their efforts to reduce their risk exposure by performing privacy assessments that are tailored to their needs, risk appetites, and applicable laws and regulations. Stephen has also coordinated privacy tasks on a global scale for the merger and spinoff of two multibillion dollar multinational corporations. Stephen has assisted clients in numerous privacy-related activities, ranging from drafting privacy policies to assessing their implementation in the field.

Stephen has published articles and presented on topics including data flow maps, health big data analytics, ethical issues concerning big data, copyright law, and the General Data Protection Regulation (GDPR). In addition to regularly teaching privacy courses, he has also been called on as a privacy specialist by Court TV and CBS news. Stephen is a Certified Information Privacy Professional (CIPP/US) and Certified Information Systems Security Professional (CISSP).

Jennifer Jefferson

Jennifer Jefferson

Jennifer Jefferson is a Senior Consultant in Deloitte & Touche LLP’s Cyber Risk Services practice. She specializes in the Consumer & Industrial Products (“C&IP”) and Technology, Media, & Entertainment (“TMT”) industries. Jennifer has conducted General Data Protection Regulation (GDPR) and customer data privacy assessments across the country. She also has specialized knowledge in the UNIX and ACF2/Mainframe systems, including more than four years of experience with auditing in-house developed applications that reside on those systems. Additionally, she has spent considerable time working with Deloitte Internal Control Guidance, associated Technology frameworks, and PCAOB Audit Standards.

Jennifer regularly facilitates ISACA privacy courses and is a lead designer in the upcoming Privacy Simulation course. She is also a Certified Information Systems Auditor (CISA).

Jimmy Firth

Jimmy Firth

Jimmy Firth is a Senior Consultant within Deloitte & Touche LLP’s Cyber Risk Services practice. He specializes in the Life Science and Health Care industry. His past experience ranges from rationalization of requirements and controls across governing documents in the financial services industry to complex contract remediation in the life sciences industry. He works heavily in regulatory compliance most recently with the General Data Protection Regulation (GDPR) working from assessment through remediation for multinational companies. Additionally, he has experience in developing training programs related to topics from the legal and regulatory environment to the adoption of new systems.

Jimmy regularly facilitates ISACA privacy courses and is responsible for maintaining and updating materials for these courses. He is also a Certified Information Privacy Professional (CIPP/US).


Please Contact ISACA's Learning Solutions Department:
Fax: +1.847.253.1443