BCS Data Protection Courses Available for 2019

What courses are available?

Tkm Consulting is delighted to announce new data protection courses are available for 2019.  Tkm Consulting is an accredited training partner for the BCS (The Chartered Institute for IT) and we have added their data protection professional certifications to our training portfolio.  We now have courses at a range of levels including those offered by BCS together with our own qualifications, which are approved and certificated by the Scottish Qualifications Authority (SQA).

Tkm Data Protection Courses for 2019

BCS Courses

BCS Accredited Training Partner

BCS provides a wide portfolio of professional certification that meets these needs, enhancing skills and encouraging career progression.

Data Protection Practitioner Certificate

This certificate is designed for candidates with some existing data protection responsibilities, wishing to gain a broader understanding of current laws, including the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Delivered over 5 days plus an exam day.  Further information

Data Protection Foundation Certificate

Suitable for anyone who needs to understand data protection law and GDPR.  Delivered over 3 days including an exam at the end of day 3.  Further information

GDPR Update Certificates

Available for both the Practitioner and Foundation Certificates.  Further information

Our Data Protection Qualifications

SQA Approved

Tkm Consulting’s qualifications are approved and certificated by the SQA, one of the UK’s qualifications regulators. They are also on the Scottish Credit and Qualifications Framework (SCQF).  The qualifications focus on enabling those attending to gain practical skills to achieve compliance, covering relevant data protection legislation, information governance, managing risk.

Certificate in Data Protection Compliance

A one day course for those that need an awareness of data protection legislation that they can apply to simple, common scenarios.  This award is SCQF level 6.  Further information

Certificate in Managing Data Protection Compliance

A five day course for those needing to be able to apply data protection legislation in a range of complex scenarios.  This award is SCQF level 8.  Further information

Diploma in Managing Data Protection Compliance

A five day course plus work-based assignment. This course enables those attending to demonstrate competencies in assessing and evaluating levels of compliance and risk, together with managing a programme of work towards compliance.  This award is SQCF level 10.  Further information

What is the difference between the two types of qualifications?


Both qualifications offered by Tkm Consulting and BCS cover current data protection and associated legislation.  The BCS qualifications use the SFIA levels which are based on knowledge of data protection and associated law, as well as how it is applied in specific contexts.  Our qualifications cover managing risk and the role of information governance, and are rated on the SCQF. This allows a comparison with other qualifications across the UK and Europe and ensures a consistent level of competence is achieved by those successfully completing the qualification.

If you need any help with choosing the best qualification for you or your team, please don’t hesitate to contact us.

Other Training

Customised data protection training is available for sessions delivered in house. We can also provide training on Freedom of Information (FOI) and Environmental Information Regulations (EIR) requests as well as information governance, managing risk andrecords management. Please contact us to discuss your requirements. 

What Do Other People Say?

“Liz’s training style was practical, knowledgeable, supportive and engaging. She maintained our active participation throughout with regular exercises and opportunities for discussion. I also appreciated the quality and range of course materials and the post-course email support provided in the period leading up to the exam, supplying revision questions, model answers and answering any revision queries that came up. This course has not only provided me with a recognised qualification, it has also increased my confidence in supporting clients in this key aspect of information rights and governance.”

Heather Jack, HJBS Ltd

“I attended the Certificate in Managing Data Protection Compliance with very basic knowledge of data protection legislation.  I was concerned that the course may be over my head but I found that the structure and content was well balanced and made it easy to follow.
I am now responsible for data protection compliance in my organisation and feel that the course has given me the knowledge and confidence to be able to provide informed advice and recommendations to our Management Team. 
The week long course was very intense but also very rewarding and I am proud to say that I completed it.  Liz is an excellent trainer who takes the time to ensure you have grasped what is required and converts the hard to follow technical jargon into normal language. 
Can’t forget to mention how amazing the food was!! Definitely helped me get through the week”

NT – Oct 18

“Liz has provided us with sound knowledge and direction in many areas over the last few years. She is dedicated in providing quality service in a timely manner.  Our organisation has put a number of staff through Tkm’s courses and we will be making the one day course mandatory for any staff processing personal data.”

VM – Dec 18

Further Information and Booking

Contact us for further information. Tkm Consulting is an approved training provider with the IRMS and discounts are available on all courses for individual and corporate members.

Data Protection Qualifications

We Are Launching Our New Data Protection Qualifications!

Tkm is delighted to be launching a suite of 3 approved data protection qualifications on 9 April 2018 at the Information Market as part of the ICO’s Data Protection Practitioners Conference.


The qualifications are based on specific learning outcomes and performance criteria, and have been designed to help people apply UK data protection legislation.  They will also assist organisations with demonstrating that key staff have the necessary skills and competencies to manage data protection compliance.  These awards are approved and certificated by the SQA, one of the UK’s qualification regulators.


Data Protection Qualifications

The data protection qualifications available are:


Certificate in Data Protection Compliance

The primary learning objective of this qualification is to enable those attending to develop a basic knowledge of data protection legislation that they are able to apply to simple, common scenarios.  It is a one day course and rated as level 6 on the SCQF, equivalent to RQF level 3 and EQF level 4 (qualifications frameworks).


Certificate in Managing Data Protection Compliance

On successful completion of the qualification, those attending will be able to demonstrate competencies in implementing data protection legislation in a range of complex scenarios, as well as understand and apply best practice set out by codes of practice. Candidates will also be able to demonstrate competencies required to deliver compliance programmes and manage aspects of information governance.  This qualification is usually delivered over 5 consecutive days and is level 8 on the SCQF, equivalent to RQF level 5 and EQF level 5.


Diploma in Managing Data Protection Compliance

On successful completion of the qualification, candidates will be able to demonstrate competencies in assessing and evaluating levels of compliance together with the risks of non-compliance within the context of their workplaces, as well as develop prioritised implementation plans.  This qualification is usually delivered over 5 consecutive days and requires the completion of a work-based assignment.  The qualification is level 10 on the SCQF, equivalent to RQF level 6 and EQF level 6.


Further information about the course content is available from our data protection qualifications and training pages.  The courses are continually reviewed and updated to ensure they reference current UK data protection and associated legislation, including the General Data Protection Regulation (GDPR) and what will become the Data Protection Act 2018.  If you would like any help with deciding which level of training is right for you, please get in touch.


Come and say hello at the Information Market on 9 April when we will be offering a limited number of discounted places – we look forward to seeing you then!


Tkm is an approved training company of the Information and Records Management Society (IRMS) and discounts are available for current members.


Courses are scheduled throughout the UK and we have places available for courses in Bristol, Glasgow, Gatwick and Newcastle.  Courses can also be delivered in-house and may be more cost effective if you have 4 people or more.  Prices start from £350 plus VAT for a one day course, and £1,600 plus VAT for the 5 day course.  To book and find further information please see our course pagescontact us,or book through Eventbrite.

Data protection training

Data Protection Training for GDPR – Getting it Right First Time – Part 2

data protection training
Effective data protection training will continue to be essential to ensure compliance with data protection legislation.

Training of staff is going to be a vital investment to ensure compliance with the GDPR for many organisations, although it can also be a significant cost.  It is therefore essential to make sure your organisation has a training solution that is right for them.

Following on from our first blog on data protection training, this focuses on helping to ensure you get value for money.

How Do I Chose the Best Training Option for my Organisation?

Successful data protection training programmes rely on accurately analysing and identifying the training needs of your organisation.  These can be complex when implementing programmes such as those for compliance with GDPR as it can potentially involve large numbers of staff who are going to be affected by the legislation in many different ways.  The points below provide an overview of the points you may wish to consider when choosing the training solution that is going to best for your organisation.

What data protection tasks require completion? 

It is vital to consider this in stages, starting with preparations for the implementation of the GDPR, followed by maintenance and ongoing compliance.  Are you going to require staff to develop a compliance programme, and interpret and apply the legislation within the context of the organisation?  If so, any members of staff tasked with this are likely to require a considerably higher level of competence than a member of staff tasked with basic maintenance tasks once the legislation is in place.  Similarly, if ongoing compliance tasks are likely to have a high degree of complexity or involving processing Special Categories of data, this should also be taken into consideration.

What is the current skills gap?   

This is a fundamental consideration when considering what data protection training and support is required as you need to understand what gaps in competence require managing by a training programme.  Do staff already have a good working knowledge of the DPA 1998?  If so, the training may simply address the differences between existing and new legislation.  If staff have very little knowledge, more detailed training to help them understand why compliance is important may be beneficial.

You should also think about the processing activities staff will undertake.  Having a basic knowledge of data protection legislation may be appropriate for someone undertaking simple, basic and routine tasks involving personal data.  However, it would not be an appropriate level for someone undertaking more difficult or complex processing operations, for example staff in the HR department.

To what extent will staff need to apply their knowledge?

Are business processes routine, simple and supported by tools such as IT software that limit errors?  Staff engaged in this type of processing are likely to require a lower level of competence than staff involved in complex, bespoke and highly manual processing of personal information.

It is essential to consider risk when identifying appropriate training for staff.
A successful training programme should manage key organisational risks.

What are the risks associated with processing activities?

This should consider the frequency, complexity, and volume of personal information together whether it is inherently higher risk, for example, the information includes Special Categories of personal data or detailed financial information.  It may also be worthwhile to conduct a data protection impact assessment for some of the highest risk processes if this hasn’t been completed previously as there may be alternative solutions to training.  For example, there may be options to automate highly complex, high risk processing through systems development rather than developing data protection training for a manual process.

What ongoing support will staff have available to them in the workplace?

Once staff have undertaken training, what support will be available to them to help integrate data protection competencies into their role and make sure staff understand how to apply their knowledge in a relevant context?

How are you going to maintain levels of competence?

It is essential to maintain the levels of competence required for compliance and this is likely to require a comprehensive monitoring programme together with refresher training.  The required frequency is likely to depend upon roles as well as risks associated with processing operations they undertake.

Tkm Can Help

Tkm offers a range of training solutions and can also help with conducting a training needs analysis.  To discuss the options available for your organisation, including accredited foundation and practitioner qualifications, please contact us.


data protection training

Data Protection Training for GDPR – Getting it Right First Time – Part 1

data protection training
Effective data protection training will continue to be essential to ensure compliance with data protection legislation.

Data protection training is going to be an essential part of preparing for compliance with the General Data Protection Regulation (GDPR).   Time is already becoming limited to develop and implement a comprehensive training programme to enable compliance with the GDPR.  Furthermore, some evidence suggests that there will be a significant skills shortage and therefore the competencies required to comply with the legislation should be identified as soon as possible.  Tkm can help with every stage of training planning and delivery with further information provided at the end of the blog.

Training for staff is not a new requirement to comply with data protection laws.  The ICO considers training as an “appropriate organisational measure” under Principle 7 of the Data Protection Act 1998 (DPA 1998), and it is likely that the GDPR will reinforce and strengthen this requirement.

As discussed in a previous blog, the Data Protection Article 29 Working Party’s guidance on the role of Data Protection Officer (DPO) discusses competencies being commensurate with the risks associated with processing.  This is likely to be a useful approach when determining all training needs of your organisation and not just those of the DPO.

It is important to ensure that your training programme delivers the best value for money.  In this context, for most organisations, this means that any investment in training facilitates sustainable, long term compliance with the GDPR.  Data protection training should also deliver against relevant corporate objectives.

The success of training programmes is generally determined by the extent to which training needs are accurately identified.  Once identified, the next step is to develop or acquire a solution that has the best fit with those needs.  This blog covers the options available and key points to consider when deciding what training would offer best value for money to your organisation.

Tkm can help with data protection training solutions
Organisations need to start their preparations for the GDPR including data protection training programmes.

What Data Protection Training Solutions are Available?

There are a number of different options to consider when looking for the best training solution for your organisation.  These depend upon the format and content of the training, as well as the method of delivery.

Format and Content of Training

Accredited Data Protection Qualifications

There are accredited data protection qualifications although it is important to check which body is accrediting the training.  It should be an organisation that is recognised as a provider of qualifications, which you should be able to check through the accreditors’ websites.  Qualifications generally provide an assurance of consistency of what is going to be covered, with those completing them reaching a demonstrable level of competence.  Some providers also offer flexible learning options.  It is not always possible to customise accredited qualifications, particularly for intensive courses, therefore those attending need to be capable of applying the relevant knowledge to their own working environments on completion.

Customised Training

Customised training does not usually have accreditation although can often significantly aid implementation and integration of learning points into business processes.  Training providers will often develop customised training in consultation with their clients.  There is therefore likely to be an opportunity to influence the content to match your organisation’s specific training requirements.  You may find that some training providers can offer a qualification that is customised to meet the needs of your organisation.

Method of Training Delivery

In house Training

The availability of this option is likely to be determined by available budget.  In house can be cost prohibitive for smaller organisations although worth considering and investigating for organisations of any size.  The main advantage of in house training is that there can usually be more of a focus on the organisation, for example during discussions on application, particularly around sensitive business areas.  These types of topic may not be discussed at a course with general attendance.  There is also typically more flexibility about how and when the training is provided.

Course Attendance

Data protection training
There are a number of options for data protection training.

There are a number of different types of attended training, seminars and conferences available that focus on GDPR.  Whichever option you choose, you need to be confident it will be of benefit to attend.  Part 2 of our blog will look at this in more detail.  In the meantime, some key points to consider are:

  • Is the training accredited by a recognised qualifications body?  This is likely to be particularly important if you are looking for attendance to demonstrate competence.
  • Is the event going to focus on areas that are important to your organisation? The GDPR contains a number of new legal requirements and they may not all be relevant to your organisation.
  • Which staff will be attending?  Senior managers are more likely to require events that focus on implications of the legislation.   Those responsible for practical implementation may need more detail that they can apply in their own working environment.
  • Consider knowledge and competencies.  There are some excellent seminars and conferences being publicised.   However, it is unlikely to represent value for money to attend an event that covers the theoretical side of the legislation if those attending have no competencies in interpretation and application. There are also some great events on relevant topics such as information security.   These are unlikely to be benefit to those attending if they don’t have at least a background knowledge of the topic being covered.

Tkm Can Help Plan, Prepare and Delivery Your Training

Tkm is highly experienced and has developed and delivered data protection training programmes for a wide range of clients.  Able to deliver both accredited qualifications and customised training, Tkm can help from the beginning of the planning process.  Services include training needs analysis as well as all aspects of data protection training programme development and delivery.  Tkm can help to ensure your organisation get best value for money for your investment in training staff.  New, accredited qualifications in data protection are planned for later in 2017.  Further details will be added to our data protection training page.

Please contact us to discuss your training requirements.