Governance, risk & compliance

GDPR Certified Data Protection Officer

This course prepares experienced professionals to operate effectively as Data Protection Officers in complex regulatory environments. Participants learn how to translate GDPR obligations into operational controls, governance mechanisms, and decision processes that withstand regulatory scrutiny.

4 daysExam includedPhysical classroomOnline classroomSelf-study
2,500+ professionals trained86.7 % pass rate120+ countries600+ organisations
PECB
26 May – 29 May
Language
ENFR
LocationLausanne / Morges & Online
Format
Physical classroomOnline classroom
Physical classroom
  • Instructor-led classroom training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
Online classroom
  • Instructor-led online live interactive training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
PECB
8 Jun – 11 Jun
Language
FR
LocationParis & Online
Format
Physical classroomOnline classroom
Physical classroom
  • Instructor-led classroom training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
Online classroom
  • Instructor-led online live interactive training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
PECB
20 Jul – 23 Jul
Language
ENFR
LocationLausanne / Morges - Switzerland
Format
Physical classroomOnline classroom
Physical classroom
  • Instructor-led classroom training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
Online classroom
  • Instructor-led online live interactive training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
PECB
31 Aug – 3 Sept
Language
FR
LocationParis - France
Format
Physical classroomOnline classroom
Physical classroom
  • Instructor-led classroom training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
Online classroom
  • Instructor-led online live interactive training course
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Certificate of attendance
  • Official PECB certification
  • One free retake exam
Confirmed
PECB
Available year-round
Language
ENFRDEES
Format
Self-study
Self-study
  • Lifetime access to official PECB training course material (PDF)
  • Official PECB online certification exam
  • Official PECB certification
  • One free retake exam
No date works for you?
Request a private or flexible session

Key takeaways

Translate GDPR requirements into operational controls
Set up DPO governance, records, and policies
Plan and run impact assessments and reviews
Monitor incidents, audits, and corrective actions

Your trainers for this course

marc-bouvier
Marc BOUVIER

ISO 22301 Lead Implementer · ISO 22301 Lead Auditor · ISO 27001 Lead Implementer · ISO 27001 Lead Auditor · ISO 27005 Risk Manager

More than 25 years' experience in information security, resilience, risk management and compliance. Each training session is an opportunity to share practices as an auditor, consultant and/or project manager, and to comment on and explain the content of each certification.

14certifications
9domains
Henri HAENNI - Expert in Business Continuity, Risk Management and Information Security Governance
Henri HAENNI

ISO 22301 Lead Implementer · ISO 22301 Lead Auditor · ISO 27001 Lead Implementer · ISO 27005 Risk Manager · EBIOS Risk Manager

Expert in Business Continuity, Risk Management and Information Security Governance Consulting for large multinational corporations, government organization and internal organizations Certified international trainer and Lecturer at Sorbonne University Paris 1

30 years of experience in governance and information security. Lecturer at Sorbonne (Paris I Panthéon), EPFL graduate. Led ISO deployments for The Global Fund, central banks, and government organizations across 3 continents.
30+Years of experience
SorbonneLecturer
EPFLGraduated
12 PECBCertifications
Meet all our trainers →
PECB
GDPR Certified Data Protection Officer · Titanium Partnerhighest PECB accreditation levelTitanium Partner

Page contents

Course Description

GDPR compliance has moved well beyond documentation exercises. In the current regulatory landscape, supervisory authorities expect organizations to demonstrate ongoing control, risk awareness, and accountability for personal data processing. Enforcement actions increasingly focus on governance failures, ineffective oversight, and weak operationalization of DPO responsibilities.

This course is designed for professionals who are expected to lead GDPR compliance as a management system, not as a legal checklist. Participants work through the full lifecycle of DPO responsibilities, from designation and independence to daily operational oversight and regulatory interaction. The emphasis is on how decisions are made, documented, and defended under scrutiny.

Throughout the training, participants actively apply GDPR requirements to realistic organizational scenarios. This includes structuring a GDPR compliance program, establishing processing registers that support decision-making, performing Data Protection Impact Assessments that stand up to authority review, and integrating data protection into risk management, security, and incident response functions.

Abilene Academy’s approach reflects how GDPR is implemented in mature organizations: evidence-driven, risk-based, and closely aligned with executive governance. Trainers bring practical experience from regulated industries, enforcement cases, and audit situations. Participants learn what regulators question, where organizations typically fail, and how DPOs can maintain independence while remaining operationally effective.

The course concludes with a focus on monitoring, internal audit, nonconformity handling, and continual improvement, ensuring participants can sustain GDPR compliance over time rather than merely achieve initial alignment.

    • Explain core GDPR concepts and compliance expectations
    • Map GDPR requirements to organizational processes and controls
    • Interpret data protection obligations for specific processing contexts
    • Plan and maintain a GDPR compliance program over time
    • Conduct and document data protection impact assessments
    • Advise stakeholders and monitor compliance activities

Professional Testimonials

The teacher was clearly a subject matter expert in all aspects of the GDPR. I enjoyed the comments and explications, and the interaction between students.
FV

Francis Van der Staey

Course participant

Radar Risk
Course was really helpful and provided good guidance as have to implement & ensure adherence to GDPR guidelines.
AW

Astrid Wyss

Course participant

Redsen Consulting
A very dynamic course, with clear guidance and good material that will definitely help me continue with my compliance and risk management activities.
DA

Daniel Arias

Risk Mgmt. ERM, Strategy, Business Continuity, Compliance & Data Privacy

IATA

Frequently Asked Questions

What does a GDPR Data Protection Officer do in practice?

A GDPR Data Protection Officer advises the organization on GDPR obligations and monitors how well those obligations are met. The role also involves coordinating with leadership and working with the supervisory authority when required.

A DPO role is defined by advisory work and continuous monitoring.

Marc BOUVIER

ISO 22301 Lead Implementer • ISO 22301 Lead Auditor

GDPRData Protection Officercompliance programDPIA

How is the PECB CDPO exam structured?

The PECB Certified Data Protection Officer exam is aligned to defined competence domains and is delivered online. The stated exam duration is three hours.

The CDPO exam is domain-based and delivered online.

Marc BOUVIER

ISO 22301 Lead Implementer • ISO 22301 Lead Auditor

PECBCDPOexam formatGDPR

What is included in a GDPR compliance program for DPOs?

A GDPR compliance program typically includes governance, documented policies, processing records, risk management, and monitoring activities. It also covers DPIAs, breach handling, and internal checks to track issues and improvements.

A compliance program is governance plus evidence-producing operations.

Marc BOUVIER

ISO 22301 Lead Implementer • ISO 22301 Lead Auditor

GDPR complianceaccountabilityprocessing registerrisk management

How does the course prepare you for the DPO role?

The course connects GDPR requirements to DPO responsibilities across governance, documentation, impact assessment, incidents, and monitoring. It also includes review activities and a practice test aligned to exam preparation.

Role readiness comes from method, evidence, and repetition.

Marc BOUVIER

ISO 22301 Lead Implementer • ISO 22301 Lead Auditor

DPO roleGDPR trainingDPIAdocumentation

What topics are covered across the four course days?

Day 1 covers GDPR concepts and principles. Days 2 to 4 cover DPO designation and program analysis, DPO operations, and monitoring with continual improvement.

The structure follows build, operate, and improve.

Marc BOUVIER

ISO 22301 Lead Implementer • ISO 22301 Lead Auditor

course agendaGDPRDPOfour-day course

Last updated:

Train with practitioners. Pass with confidence.

Abilene Academy is the only PECB Titanium Partner in Switzerland — the highest accreditation tier in the industry — delivering certified training in information security, data protection, AI governance, and GRC compliance. 99% exam pass rate. 2,500+ professionals trained across 120+ countries and trusted by 600+ organizations. Multilingual programmes available.

99%
Exam pass rate
2,500+
Professionals trained
120+
Countries reached
Titanium
The only PECB Titanium Partner in Switzerland
Certification included
Multilingual
EN · FR · ES · DE · IT and more

Trusted by 600+ organisations in 120 countries

  • Airbus logoAirbus
  • Altis logoAltis
  • BCEAO logoBCEAO
  • BCV logoBCV
  • Cargolux logoCargolux
  • Cartier logoCartier
  • Cofco Intl logoCofco Intl
  • Confédération SuisseConfédération Suisse
  • Council of Europe logoCouncil of Europe
  • Dell logoDell
  • Deloitte logoDeloitte
  • Devillard logoDevillard
  • Ebay logoEbay
  • Engie logoEngie
  • Etat de Fribourg logoEtat de Fribourg
  • Etihad Airways logoEtihad Airways
  • Eumetsat logoEumetsat
  • EY logoEY
  • Framatome logoFramatome
  • G42 logoG42
  • Gavi logoGavi
  • Republique et canton de Genève logoRepublique et canton de Genève
  • Groupe Mutuel logoGroupe Mutuel
  • HSBC logoHSBC
  • International atomic energy agency logoIAEA
  • IATA logoIATA
  • IBM logoIBM
  • international Labour organization logoILO
  • IMD logoIMD
  • KPMG logoKPMG
  • Kudelski Security logoKudelski Security
  • Loterie Romande logoLoterie Romande
  • MSC logoMSC
  • Nagra logoNagra
  • nespresso logoNespresso
  • Nestlé logoNestlé
  • Novartis logoNovartis
  • Payot SA logoPayot SA
  • Philips logoPhilips
  • PSA PanamaPSA Panama
  • PWC logoPWC
  • Richemont logoRichemont
  • Roche logoRoche
  • RTS Radio Télévision SuisseRTS
  • Santander logoSantander
  • SAP logoSAP
  • https://www.skyguide.ch/Skyguide
  • Société Générale logoSociete Generale
  • Swisscom logoSwisscom
  • SyzSyz
  • The Global fund logoThe Global fund
  • UNGSC logoUNGSC
  • International computing center logoUNICC

We use cookies to improve your experience

Necessary cookies are always active. You can accept, reject non-essential cookies, or customize your preferences.