Course: Data governance and regulatory compliance

GDPR, NIS2, DORA, AI Act, CRA

Seminar - 2d - 14h00 - Ref. GND
Price : 1810 € E.T.

New course

Against a backdrop of accelerated digital transformation and tougher European regulations (GDPR, NIS2, DORA, AI Act, Cyber Resilience Act), executives are more than ever on the front line of ensuring their organization's compliance. This strategic seminar is aimed at members of general management and executive committees who wish to integrate data governance and cybersecurity issues into their decision-making.


Available in English, on request



Teaching objectives
At the end of the training, the participant will be able to:
  • Understand the business, financial, HR and governance challenges of GDPR and regulatory compliance.
  • Identify management's data protection and cybersecurity responsibilities.
  • Arbitrate projects with regulatory risks or ethical impacts (AI, outsourcing, cloud, etc.).
  • Integrate compliance into strategic choices and business models.
  • Use steering tools and indicators to communicate effectively with business lines and support functions.
  • Set risk acceptance and requirement levels.

Intended audience
CIOs and CIOs, strategic managers of cloud, data, AI, CSR activities.

Prerequisites
None

Practical details
Case study
Presentations illustrated by real cases (case law, sanctions, press).

Course schedule

1. Data governance, regulation and strategic alignment

  • Why is compliance an issue for senior management?
  • Compliance is not an end in itself, but a lever for steering and arbitration.
  • As with quality, CSR or finance, the manager decides where to set the level of compliance.
  • Business impact: loss of contracts, exclusion from tenders, brand damage.
  • Direct responsibility of the manager (GDPR, duty of care, cyber attacks).
  • Legal representative of the data controller: non-delegable criminal liability.
  • Examples of criminal convictions (articles 226-16 to 226-24 of the French Penal Code, CNIL sanctions).

2. Managing data governance

  • Set up a data/processing governance committee.
  • Provide the DPO with human and budgetary resources and direct access to management.
  • Role of business departments in GDPR responsibility.
  • Arbitrate conflicts: marketing versus safety, HR versus innovation, etc.

3. Anticipating emerging regulations

  • Overview of regulations with strategic impact: NIS2, DORA, CRA, AI Act, Data Act.
  • Examples of effects on value chains: suppliers, customers, subsidiaries.
  • Use cases: sovereign cloud, generative AI, resilience management.

4. Positioning the GDPR as a transformation lever

  • Compliance by design: integration into digital strategy.
  • Competitive benefits: transparency, trust, differentiation.
  • Develop a responsible data culture.

5. Steering, arbitration and crisis management

  • Managing compliance: metrics and indicators for managers.
  • Risk mapping and associated budgets.
  • Key indicators to monitor: processing register, DPIA, data breaches, audits, training.
  • Manager's responsibility for keeping the register and carrying out PIAs.
  • Dialogue with the DPO, CISO and business managers.

6. Arbitrating critical projects

  • Launching an AI project: what questions should you ask?
  • Outsourcing or cloud: control, auditability, reversibility.
  • Sensitive HR processing: how vigilant should you be?

7. Managing a compliance crisis (breach, cyber-attack, litigation)

  • Management response to incidents.
  • Coordinated management with legal, communications, IT.
  • Post-crisis best practices: avoiding the double penalty (legal, reputation).


Dates and locations

REMOTE CLASS
2026 : 19 Mar., 29 June, 14 Sep., 7 Dec.

PARIS LA DÉFENSE
2026 : 12 Mar., 22 June, 7 Sep., 30 Nov.