Відео

hello prabh i used to watch all your videos and they are amazing but I want to give you one suggestion that in the whole conversation there are lot of hard terms that the person may use and for a beginner it is very difficult to understand that part. So you can pause a while make an easy explanation and then move forward......in this video lot of hard terms like tools and services were used and was a bouncer to me

great and simple explanation

Prefect, as usual the best video to start for CISSP preparation. Thank you so much Prabh!

Itne ache se explain krne k liye thanku apko♥️😊

Amazing sir...

Please make more videos

Thanks Prabh, I'm new to GRC and I surely see your hard work making these videos for us newbies, one question where I can get these Excel sheet to download, Thanks again

Writing the CC in 2 weeks and found these videos to supplement my other learning. I think the way the questions are phrased here are really going to help a lot. Now I feel much more confident in passing this exam

You’re always outstanding of presenting and simplifying concepts, keep it up

Thank you for amazing content

This is brilliant stuff. I have never found similar content anywhere on the internet. I am getting my hands into content engineering and this video is a true road map for me. I got a clear understanding of how I should build my practice. I am really thankful that this content is published. Do conduct one more session as you have spoken. Thanks a lot.

Thank you!

I take my exam in one hour!!!!!! Will update when I am finished!!

Hi Prabh, Please let us know whether we should read both Sybex and CBK or only any one is enough. please clarify

00:04 Privacy is the state of information that is not observed or disturbed by others. 03:58 The most important requirement for privacy compliance is understanding the regulations and business requirements. 07:16 Privacy program management is essential for organizations to protect personal data and comply with regulations. 11:08 Build a Privacy management system 14:36 To comply with GDPR, companies need to follow these steps: 17:47 Responding to a breach 20:38 Define the type of information collected and how it is collected. 23:35 Data privacy is essential to protect individuals and maintain trust in institutions and businesses. Crafted by Merlin AI.

very useful !! thanks

Thank you sir

Thank you kindly. Informative and easily understood

Thanks Prabh 🍻

Thanks Prabh ; your teaching is great. You break down the fundamentals like no other. I am preparing for my CISM.

Could you plz also upload how real time scanning and all would be done.. Thanks@prabh...

In this session, the speaker discusses key aspects of a data privacy program, including training strategies for GDPR compliance, role-based training, and the importance of maintaining records of processing activities. The talk covers the necessity of privacy impact assessments for both internal processes and third-party vendors, as well as the challenges of consent management and data subject requests. The speaker emphasizes the significance of data retention policies, privacy by design, and the role of the Data Protection Officer (DPO) in ensuring compliance, concluding with insights on conducting audits and the importance of continuous review and improvement. Takeaways 📝 Training is crucial for data privacy awareness and should be conducted at least once for everyone in the organization, as per GDPR requirements. 🎓 Utilizing a Learning Management System (LMS) portal or video conferencing tools like Teams or Zoom can facilitate training and attendance tracking for compliance. 👥 Role-Based training is essential for specific departments handling sensitive data, such as HR, sales, and customer relationship teams, to ensure they understand data privacy concepts and processes. 📝 Maintaining records of processing activities and a Personal Information (PI) inventory list helps categorize data and identify sensitive information, which is critical for compliance and risk management. 🔒 Technical and organizational measures should be in place for sensitive data protection, including encryption, data masking, and access control to prevent data exposure and harm to individuals. 🗂 Regular updates and maintenance of data inventories and policies are necessary to adapt to changes in business processes and regulatory requirements. 🤝 Consent management is complex and requires a deep understanding of data flows within an organization to handle consent revocation effectively, possibly aided by a consent management tool. 📧 Data subject requests must be managed through a clear policy that outlines the process for handling requests such as data access, rectification, and erasure. 🗑 Data retention policies should be established to determine how long data should be kept and ensure its deletion when no longer necessary, aligning with data minimization principles. 🛡 Privacy Impact Assessments (PIAs) are necessary for both internal processes and vendor management to evaluate and mitigate risks associated with data processing activities. 🚨 Breach management policies should outline clear procedures for responding to data breaches, including notification timelines and breach response teams.

In this session, guest speaker Mr. PKA Chavan discusses the implementation of GDPR from scratch, sharing his 8+ years of experience in data privacy across various sectors. He outlines the importance of understanding GDPR as a global regulation and provides practical steps for creating a data privacy program, including policy development, gap analysis, and the use of templates for assessments. Chavan also emphasizes the role of communication and change management in successfully implementing data privacy measures within an organization. Takeaways 📝 The session is focused on practical implementation of GDPR with the help of a special guest, Mr. PKA Chavan, who has extensive experience in data privacy across various sectors. 🌐 Mr. Chavan discusses the global impact of GDPR, emphasizing its significance beyond the European Union and how it has influenced data privacy regulations worldwide. 🔍 The importance of understanding the jurisdiction and customer base of a business is highlighted as the starting point for any data privacy program, including GDPR compliance. 📚 The creation of a Global Privacy Handbook is suggested as a comprehensive manual that includes applicable regulations, data privacy frameworks, procedural documents, and policies. 📋 The script outlines the process of developing a data privacy policy, emphasizing the need to understand the specific requirements of different jurisdictions and tailoring the policy accordingly. 🔑 The concept of 'Privacy by Design' is introduced as a critical aspect of data privacy, which involves assessing and implementing privacy measures from the outset of a project or process. 🍪 Cookie compliance is presented as an 'easy win' for demonstrating quick progress in data privacy, as it involves obtaining consent from data subjects for the use of cookies. 🔍 The necessity of conducting Privacy Impact Assessments (PIA) is discussed to identify and mitigate risks associated with the processing of personal data. 📝 Records of Processing Activity (RPA) are described as a crucial document for maintaining a comprehensive understanding of all business processes, especially those involving personal data. 📑 The script touches on the importance of reviewing and updating existing policies and contracts to ensure they align with data privacy regulations and protect the organization legally. 🤝 The distinction between data controllers and data processors is clarified, along with the need for data processing agreements or Master Service Agreements (MSA) to ensure contractual protection in data handling.

Takeaways 📝 Introduction: Prabh Nair hosts a session on interview questions frequently asked in data privacy jobs. 📚 Prabh emphasizes the importance of understanding privacy, explaining that privacy is a state where information is not observed or disturbed by others. 💼 Privacy vs. Secrecy: Privacy relates to individual information, while secrecy pertains to organizational information. 🔍 Privacy Compliance: The most important requirement is to understand regulatory and business requirements, appoint a data protection officer, create a privacy program, and conduct privacy impact assessments. 🏢 Privacy Program Management: A comprehensive approach to establish, implement, and continually improve an organization's privacy program to ensure compliance with data privacy regulations. 📝 Creating a Privacy Policy: Understand business and legal requirements, define scope, types of collected information, sharing policies, retention periods, and include review and exception processes. ⚠ Responding to Privacy Breaches: Steps include containing the breach, evaluating risks, notifying authorities, and implementing remediation plans. 🌐 GDPR Compliance: High-level steps include updating data consents, implementing transparency documentation, and detailed steps like data mapping, consent management, and privacy policy development. 🛡 Data Privacy Risk Assessment: Steps include defining the scope, identifying personal data, evaluating existing controls, identifying gaps, prioritizing remediation, and monitoring. 👍 Importance of Data Privacy: Protects personal information from unauthorized access, maintains trust, and ensures ethical data use.

Very informative talk 👍

@prabh, Today in was able to successfully clear by CCSP EXAM. I can’t thank you enough for your videos and coffee shot series, I highly recommend to all aspirants, to watch Prabh videos.

It is really very helpful and insightful. Thanks for making such videos

Thanks ❤

Sir to be SOC analyst, Ethical hacking knowledge is mandatory? pls suggest . I have Security + certification.

Awesome approach to teach

Hi Prabh, Thanks for the video it was an eye opener. However I have been a cloud architect for the past 8 years my overall experience is 16 years I am looking forward for a career in cyber security. Can I proceed with CISSP or CISA. Please guide

Very useful video

Thanks a lot bhai explained policy creation very well.. I have been looking for a long time.. surely this will help in the Interview .. which they ask questions on this..

very useful concept and clear

Thank you Prabh, I passed the CC exam yesterday first time thanks to going through all of your videos. You've been an excellent resource!!!!!!

Very useful content..Thanks Sir..❤🙏

Very well detailed and explanation ; thank you.

Very well explained...Thank You

Risk assessment for saas and paas is particularly of interest for most CISOs and Chief Risk Officer's . TPRM should generally follow ISO framework controls. How can TPRM be achieved in this GenAI era when many organisations are consuming 3rd party models to implement their AI use cases.

Much helpful

perfect video from the point of view of auditor, that what are the things an auditor shoulsd see in BCP

This video is very helpful, I have finally passed the ISC2 CC exam. Thank you.

You are right.

Great lesson. Thank you

Hello Prabh I passed my ISC2 CC exam yesterday. Thank you so much, your lecture-vidros as I call them really helped. Thank you for taking your time to do these intensive teachings for free. I really appreciate

Thank you guys,this video is gold mine

Sir, I am a regular follower of your channel. In mid-career in GRC for about 10+ years. I am hearing news that the salaries in this field is getting saturated for salaried staffs like after 10+ years, then not many openings so the salary raise is also not that exponential. I am definite that this is not the case, can you shed some light on the areas to up skill in GRC like privacy, Cloud or Devops (or) should we think of moving to security engineer or security architecture role (more technical) for salary growth and to be in demand. Please answer from mid-career perspective.

Very clear explanation. Thanks Prabh!

Really informative 💯

disgusting accent