CDPSE Training Course Training 課程
  Facebook: CDPSE Training Course Training 課程
 
CDPSE Training Course Training 課程
CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程 CDPSE Training Course Training 課程  
CDPSE Training Course Training 課程 CDPSE Training Course Training 課程

想定期知道最新課程及優惠嗎?
免費訂閱本中心的課程通訊!

課堂錄影隨時睇 10 大優點之地點方便:本中心位於旺角、觀塘、北角、沙田及 屯門,就近港鐵站!

CDPSE 國際認可證書課程
課程簡稱:CDPSE Training Course

  • 課程時間
  • 課程簡介
  • 課程特點
  • 考試須知
  • 課程內容
  • 詳細內容

課程優惠!現凡同時報讀以下三個課程:
即減 $840!報讀其中兩個即減 $480!

推介服務:課堂錄影隨時睇 (在家觀看 = 0%,在校觀看 = 100%)
學員使用 WhatsApp、電話或本網頁報名,待本中心確認已為學員留位後,即可使用 轉數快 繳付學費,過程簡便!
編號 地點 可預約星期及時間 學費低至 85 折  
RH2412AV 不限
請參看個別地點
$2,980 按此報名:CDPSE Training Course Training 課程
RH2412MV 旺角 一至五:14:30 - 22:15   六:13:45 - 21:30   日:10:15 - 18:00 (公眾假期休息) 95 折後只需 $2,831 按此報名:CDPSE Training Course Training 課程
RH2412OV 觀塘 一至五:14:15 - 22:00   六及日:12:15 - 20:00   (星期三及公眾假期休息) 9 折後只需 $2,682 按此報名:CDPSE Training Course Training 課程
RH2412PV 北角 一至五:14:15 - 22:00   六及日:12:15 - 20:00   (星期三及公眾假期休息) 9 折後只需 $2,682 按此報名:CDPSE Training Course Training 課程
RH2412SV 沙田 一至五:14:15 - 22:00   六及日:12:15 - 20:00   (星期三及公眾假期休息) 85 折後只需 $2,533 按此報名:CDPSE Training Course Training 課程
RH2412YV 屯門 一至五:14:15 - 22:00   六及日:12:15 - 20:00   (星期一、三及公眾假期休息) 85 折後只需 $2,533 按此報名:CDPSE Training Course Training 課程
* 各政府部門可使用 P Card 付款  
如使用 P Card 繳付考試費,考試費需另加 2.5% 行政費  
在校免費試睇: 首 1 小時,請致電與本中心職員預約。 查看各地點電話
旺角 2332-6544
觀塘 3563-8425
北角 3580-1893
沙田 2151-9360
屯門 3523-1560
在校免費重睇: 學員可於享用時期內於報讀地點不限次數地重看課堂錄影,從而可反覆重溫整個課程!
導師解答: 學員可於觀看某一課堂錄影後提出課堂直接相關的問題,課程導師會樂意為學員以單對單的形式解答!
課時: 18 小時
享用時期: 6 星期。進度由您控制,可快可慢。
課堂錄影導師: Franco (任教課程清單)
在校觀看: 詳情及示範片段


推介服務:課堂錄影隨時睇 (在家觀看 = 100%,在校觀看 = 0%)
學員使用 WhatsApp、電話或本網頁報名,待本中心確認已為學員留位後,即可使用 轉數快 繳付學費,過程簡便!
編號 地點 星期及時間 費用  
RH2412HH 在家 享用時期內每星期 7 天 (包括公眾假期),每天 24 小時全天候不限次數地觀看。 $2,980 按此報名:CDPSE Training Course Training 課程
* 各政府部門可使用 P Card 付款  
如使用 P Card 繳付考試費,考試費需另加 2.5% 行政費  
在校免費試睇: 首 1 小時,請致電與本中心職員預約。 查看各地點電話
旺角 2332-6544
觀塘 3563-8425
北角 3580-1893
沙田 2151-9360
屯門 3523-1560
導師解答: 學員可於觀看某一課堂錄影後提出課堂直接相關的問題,課程導師會樂意為學員以單對單的形式解答!
課時: 18 小時
在家觀看時禁用程式: 一些危害課堂錄影版權的程式。
享用時期: 6 星期。進度由您控制,可快可慢。
課堂錄影導師: Franco (任教課程清單)
在家觀看: 服務條款及守則、報讀程序及示範片段


地區 地址 電話 教育局註冊編號
旺角 九龍旺角亞皆老街 109 號,皆旺商業大廈 18 樓 1802 - 1807 室 2332-6544 533459
觀塘 九龍觀塘成業街 7 號寧晉中心 12 樓 G2 室 3563-8425 588571
北角 香港北角馬寶道 41-47 號華寶商業大廈 3 樓 01-02 號舖 3580-1893 591262
沙田 新界沙田石門安群街 3 號京瑞廣場 1 期 10 樓 M 室 2151-9360 604488
屯門 新界屯門屯喜路 2 號屯門柏麗廣場 17 樓 1708 室 3523-1560 592552
注意! 客戶必須查問報讀學校的教育局註冊編號,以確認該校為註冊學校,以免蒙受不必要的損失!


ISACA® 成立於1969 年,多年來不斷參與各項系統確認性與安全、企業資訊治理及資訊風險的活動,口碑載譽。

ISACA® 會員遍佈逾 160 個國家,總數超過 86,000 人。其頒授的全球認可國際資訊隱私防護師認證 (CDPSE, Certified Data Privacy Solutions Engineer) 資格,更是各位管理人員必考的證書。取得 CDPSE 資格標誌著該專業人員具備管理隱私的知識,以及構建和實施全面數據隱私措施所需的技術,以降低風險並提高效率。

本中心的 CDPSE 國際認可證書課程由 Franco Tsang 籌備多時,精心編排。由上堂、溫習、實習、考試研習、做試題至最後考試,均為你度身訂造,作出有系統的編排。務求真正教識你,又令你考試及格。

CDPSE


課程名稱: CDPSE 國際認可證書課程
- 簡稱:CDPSE Training Course
課程時數: 合共 18 小時 (共 6 堂)
適合人士: 具備 3 年或以上的資料隱私治理、隱私架構及/或資料生命週期領域工作經驗
授課語言: 以廣東話為主,輔以英語
課程筆記: 本中心導師親自編寫英文為主筆記,而部份英文字附有中文對照。

1. Franco Tsang (CCIE #19772) 親自教授: 本課程由擁有 CISA, CISM, CRISC, CDPSE, CISSP, ITILv3 Expert, ITIL 4 Managing Professional, ITIL 4 Strategic Leader, PMP 等專業認證的 Franco Tsang 親自教授。
2. Franco Tsang 親自編寫筆記: Franco 親自編寫筆記,令你無須「死鋤」如字典般厚及不適合香港讀書格調的書本。
3. 提供模擬考試題目: 本中心為學員提供充足的模擬考試題目,每條考試題目均附有標準答案。而較難理解的題目,均會附有 Franco 的解釋。
4. 深入淺出:

Franco 會在課堂上深入淺出地講解相關概念,務求令同學理解抽象的概念。

5. 免費重讀: 傳統課堂學員可於課程結束後三個月內免費重看課堂錄影。

本中心為 PSI 指定的 CDPSE 考試試場,導師會在課堂上講解考試程序。考試費用如下:

  • ISACA Member: US $575
  • ISACA Nonmember: US $760

通過考試後,同學需要

  • 具備3 年或以上的資料隱私治理、隱私架構及/或資料生命週期領域工作經驗
  • 同意遵守 ISACA 制定的職業道德準則
  • 提交 CDPSE 申請表

完成上述要求後,便能成為 CDPSE。




課程名稱:CDPSE 國際認可證書課程
- 簡稱:CDPSE Training Course


DOMAIN 1: PRIVACY GOVERNANCE (GOVERNANCE, MANAGEMENT & RISK MANAGEMENT)

  • Identify the internal and external privacy requirements specific to the organization's governance and risk management programs and practices.
  • Participate in the evaluation of privacy policies, programs and policies for their alignment with legal requirements, regulatory requirements and/or industry best practices.
  • Coordinate and/or perform privacy impact assessments (PIA) and other privacy-focused assessments.
  • Participate in the development of procedures that align with privacy policies and business needs.
  • Implement procedures that align with privacy policies.
  • Participate in the management and evaluation of contracts, service levels and practices of vendors and other external parties.
  • Participate in the privacy incident management process.
  • Collaborate with cybersecurity personnel on the security risk assessment process to address privacy compliance and risk mitigation.
  • Collaborate with other practitioners to ensure that privacy programs and practices are followed during the design, development and implementation of systems, applications and infrastructure.
  • Develop and/or implement a prioritization process for privacy practices.
  • Develop, monitor and/or report performance metrics and trends related to privacy practices.
  • Report on the status and outcomes of privacy programs and practices to relevant stakeholders.
  • Participate in privacy training and promote awareness of privacy practices.
  • Identify issues requiring remediation and opportunities for process improvement.

DOMAIN 2: PRIVACY ARCHITECTURE

  • Coordinate and/or perform privacy impact assessment (PIA) and other privacy-focused assessments to identify appropriate tracking technologies and technical privacy controls.
  • Participate in the development of privacy control procedures that align with privacy policies and business needs.
  • Implement procedures related to privacy architecture that align with privacy policies.
  • Collaborate with cybersecurity personnel on the security risk assessment process to address privacy compliance and risk mitigation
  • Collaborate with other practitioners to ensure that privacy programs and practices are followed during the design, development and implementation of systems, applications and infrastructure.
  • Evaluate the enterprise architecture and information architecture to ensure it supports privacy by design principles and considerations.
  • Evaluate advancements in privacy-enhancing technologies and changes in the regulatory landscape.
  • Identify, validate and/or implement appropriate privacy and security controls according to data classification procedures.

DOMAIN 3: DATA LIFECYCLE

  • Identify the internal and external privacy requirements relating to the organization's data lifecycle practices.
  • Coordinate and/or perform privacy impact assessments (PIA) and other privacy-focused assessments relating to the organization’s data lifecycle practices.
  • Participate in the development of data lifecycle procedures that align with privacy policies and business needs.
  • Implement procedures related to data lifecycle that align with privacy policies.
  • Collaborate with other practitioners to ensure that privacy programs and practices are followed during the design, development and implementation of systems, applications and infrastructure.
  • Evaluate the enterprise architecture and information architecture to ensure it supports privacy by design principles and data lifecycle considerations.
  • Identify, validate and/or implement appropriate privacy and security controls according to data classification procedures.
  • Design, implement and/or monitor processes and procedures to keep the inventory and dataflow records current.
The course content above may change at any time without notice in order to better reflect the content of the examination.



1 Privacy governance (governance, management & risk management)
1.1 Governance
1.1.1 Personal Data and Information
1.1.1.1 Defining Personal Data and Personal Information
1.1.1.1.1 Personal data
1.1.1.1.2 Personal information
1.1.1.1.3 Personal datum
1.1.1.1.4 Data subject
1.1.1.1.5 Sensitive personal data or sensitive data
1.1.1.1.6 Personally identifiable information (PII)
1.1.2 Privacy Laws and Standards Across Jurisdictions
1.1.2.1 Privacy Protection Legal Models
1.1.2.1.1 Comprehensive model
1.1.2.1.2 Sectoral model
1.1.2.1.3 Co-regulatory model
1.1.2.1.4 Self-regulatory model
1.1.2.2 Privacy Laws and Regulations
1.1.2.3 Privacy Standards
1.1.2.4 Privacy Principles and Frameworks
1.1.2.5 Privacy Self-Regulation Standards
1.1.3 Privacy Documentation
1.1.3.1 Types of Documentation
1.1.3.1.1 Privacy Notice
1.1.3.1.2 Consent Form
1.1.3.1.3 Privacy Policies
1.1.3.1.4 Privacy Procedures
1.1.3.1.5 Corrective Action Plan (CAP)
1.1.3.1.6 System of Record Notice (SORN)
1.1.3.1.7 Personal Information Inventory
1.1.4 Legal Purpose, Consent and Legitimate Interest
1.1.4.1 Legal Purpose
1.1.4.2 Consent
1.1.4.3 Legitimate Interest
1.1.5 Data Subject Rights (with Control-P and Communicate-P)
1.2 Management
1.2.1 Roles and Responsibilities Related to Data
1.2.2 Privacy Training and Awareness
1.2.2.1 Content and Delivery
1.2.2.2 Training Frequency
1.2.2.3 Measuring Training and Awareness
1.2.3 Vendor and Third-Party Management
1.2.3.1 Legal Requirements
1.2.3.2 Management Procedures
1.2.4 Audit Process
1.2.5 Privacy Incident Management
1.3 Risk Management
1.3.1 Risk Management Process
1.3.2 Problematic Data Actions Affecting Privacy
1.3.2.1 Vulnerabilities
1.3.2.2 Problematic Data Actions
1.3.2.3 Privacy Harms and Problems
1.3.3 Privacy Impact Assessment (PIA)
1.3.3.1 Established PIA Methodologies
1.4 Conclusion of this chapter

2 Privacy architecture
2.1 Infrastructure
2.1.1 Self-managed and cloud-based Infrastructure
2.1.1.1 Non-Cloud Alternatives to On-premises Centers
2.1.1.2 Key Privacy Concerns
2.1.2 Cloud Computing
2.1.2.1 Cloud Data Centers / Cloud Types
2.1.2.2 Five Essential Characteristics of Cloud Computing
2.1.2.3 Cloud Service Models
2.1.2.4 Shared Responsibility Model
2.1.2.5 Advantages of Cloud Computing
2.1.2.6 Limitation/concerns of Cloud Computing
2.1.3 Endpoints
2.1.3.1 Approaches to Endpoint Security
2.1.4 Remote Access
2.1.4.1 Virtual Private Networks (VPN)
2.1.4.1.1 Issues
2.1.4.1.2 Risks
2.1.4.2 Desktop Sharing
2.1.4.2.1 Issues and Risks
2.1.4.3 Privileged Access Management (PAM)
2.1.5 System Hardening
2.2 Applications and Software
2.2.1 Secure Development Life Cycle
2.2.1.1 Privacy and the Phases of the Secure Development Life Cycle
2.2.1.2 Privacy By Design
2.2.2 Application and Software Hardening
2.2.2.1 Best Practices for Hardening
2.2.3 APIs and Services
2.2.3.1 APIs
2.2.3.2 Web Service
2.2.4 Tracking Technologies
2.2.4.1 Types of Tracking Technologies
2.2.4.1.1 Cookies
2.2.4.2 Tracking Pixels
2.2.4.3 Digital Fingerprinting/Browser Fingerprinting
2.2.4.4 GPS Tracking
2.2.4.5 Radio Frequency Identification (RFID)
2.3 Technical Privacy Controls
2.3.1 Communication and Transport Protocols
2.3.2 Types of Communication Protocols
2.3.2.1 Types of Communication Protocols
2.3.2.2 Local Area Network (LAN)
2.3.2.2.1 LAN Topologies and Protocols
2.3.2.2.2 LAN Components
2.3.2.3 TCP/IP Internet World Wide Web Services
2.3.2.3.1 Port number
2.3.2.3.2 DNS and DNS poisoning (DNS Spoofing)
2.3.2.3.3 Sender Policy Framework (SPF)
2.3.2.3.4 Wireless Local Area Networks
2.3.2.4 Transport Layer Security
2.3.2.5 Secure Shell (SSH)
2.3.3 Encryption, Hashing and De-identification
2.3.3.1 Encryption
2.3.3.1.1 Symmetric Algorithms
2.3.3.1.2 Asymmetric Algorithms
2.3.3.1.2.1 Asymmetric encryption algorithm in SSH
2.3.3.1.3 Quantum Cryptography
2.3.3.2 De-identification (Pseudonymization, k-anonymization)
2.3.3.3 Hashing
2.3.3.3.1 Message Integrity and Hashing Algorithms
2.3.3.3.2 Digital Signatures and nonrepudiation
2.3.3.3.3 Digital Envelope
2.3.3.4 Applications of Cryptographic Systems
2.3.3.4.1 IP Security (IPSec)
2.3.3.4.2 Secure Multipurpose Internet Mail Extensions (S/MIME)
2.3.4 Key Management
2.3.4.1 Certificates
2.3.4.2 Public Key Infrastructure (PKI)
2.3.5 Monitoring and Logging
2.3.5.1 Monitoring
2.3.5.2 Logging
2.3.5.3 Privacy and Security Logging
2.3.6 Identity and Access Management
2.3.6.1 System Access Permission
2.3.6.2 Mandatory and Discretionary Access Controls (MAC and DAC)
2.3.6.3 Information Security and External Parties
2.3.6.3.1 Identification of Risk Related to External Parties
2.3.6.4 Human Resources Security and Third Parties
2.3.6.4.1 Screening
2.3.6.4.2 Removal of Access Rights
2.4 Conclusion of this chapter

3 Data lifecycle
3.1 Data Purpose and Data Management Maturity Model
3.1.1 Data Inventory and Classification
3.1.1.1 Data Inventory
3.1.1.1.1 Creating a Data Inventory
3.1.1.1.1.1 Plan
3.1.1.1.1.2 Decide
3.1.1.1.1.3 Populate
3.1.1.1.1.4 Publish
3.1.1.2 Data Classification
3.1.2 Data Quality
3.1.2.1 Data Quality Dimensions
3.1.3 Data Flow and Usage Diagrams
3.1.3.1 Data Flow Diagram
3.1.3.2 Usage Diagrams/Activity diagram
3.1.3.2.1 Introduction
3.1.3.2.2 Key features
3.1.3.2.3 Benefits of Usage or Activity Diagrams
3.1.3.2.4 Common symbol and nodes
3.1.3.2.5 Integrated example of Usage or activity diagrams
3.1.3.3 Data Flow Diagram vs Usage Diagrams
3.1.3.4 Data Lineage
3.1.4 Data Use Limitation
3.1.5 Data Analytics
3.1.5.1 User Behavior Analytics (UBA), SQL injection
3.2 Data Persistence and data modeling
3.2.1 Data Persistence and Data Retention
3.2.2 Data modeling
3.2.3 Data Minimization
3.2.4 Data Migration
3.2.4.1 Data Conversion
3.2.4.2 Refining the Migration Scenario
3.2.4.2.1 Fallback (Rollback) Scenario
3.2.4.3 Post-Data Migration
3.2.5 Data Storage and Tokenization
3.2.6 Data Warehousing
3.2.6.1 Extract, Transform, Load (ETL)
3.2.6.1.1 Staging Layer
3.2.6.1.2 Presentation Layer
3.2.6.2 Additional Considerations
3.2.7 Data Retention and Archiving
3.2.8 Data Destruction
3.2.8.1 Data Anonymization
3.2.8.2 Deletion
3.2.8.3 Crypt-shredding
3.2.8.4 Degaussing
3.2.8.5 Destruction
3.3 Conclusion of this chapter

4 Further readings
4.1 Key points of GDPR
4.2 ISO/IEC 27000 series standards
4.3 Data normalization
4.4 Development, test, staging, and production environments (DTSP)
4.5 Federated Identity Management (FIM)
4.6 OWASP Top Ten
4.7 CSRF (Cross-Site Request Forgery)

 

更多綜合課程
  攝影課程
  • 攝影初級
  • 攝影中級 (風景專題)
  英文課程
  • IPA 拼音:級別 1 2 3 4
  普通話課程
  • 基礎普通話拼音 (免費)
  • 進階普通話拼音
  • 普通話會話:級別 1 2 3
  西班牙語文課程
  • 級別 1 2 3
  中醫課程
  • 濕疹與皮膚敏感病
  • 暗瘡與色斑 | 鼻敏感與感冒
  • 脫髮與白髮 | 從五官看健康
  風水命理課程
  • 紫微斗數:級別 1 2 3
  • 子平八字:級別 1 2 3
  • 八字風水:級別 1 2 3
  • 奇門遁甲:級別 1 2 3