PR307: Leading Enterprise Risk Management

This course is designed for those who are currently practicing quality and are in, or aspire to leadership or senior management roles.

This course includes a two and a half hour multiple choice examination.

The CQI and IRCA Professional Quality Management courses are aimed at experienced practitioners looking to advance to a strategic level and aspiring to become a Chartered Quality Professional. They meet the knowledge requirements for membership of the CQI at Chartered Quality Professional level (CQP MCQI).

The Leading Enterprise Risk Management (PR307) course provides leadership skills in the application of risk management within the context of an organisation.

CQI Learner Privacy Notice ( V3.1 )

This course is certified by CQI and IRCA (the Chartered Quality Institute and the International Register of Certificated Auditors)

Due to changes announced by CQI and IRCA we must make you aware that:

Introduction

The Chartered Quality Institute (the CQI) has approved your training provider to deliver the certified course that you are attending.

During your course, your training provider will send us some information about you. This Privacy Notice explains what personal data will be collected and how the CQI will use your personal data.

Some of our courses require you to take an online exam. The CQI has partnered with ExcelSoft Technologies (referred to as ExcelSoft) to use their online assessment system (SARAS) and their remote proctoring service (Easy Proctor) to deliver your online exams. We have a legally binding contract with ExcelSoft which requires them to keep personal data confidential. We also have agreements and share data with:

• Nettigritty who sends the exam login credentials to learners

• Vonage, Zoom and Amazon Web Services (AWS) who provide the video streaming, analytics and storage that form part of ExcelSoft’s Easy Proctor service

• Ethical IT who manages our Microsoft Azure cloud based storage where your learner records are kept

• Higher Logic who may be used to send email updates to learners about SARAS

ExcelSoft, Nettigritty, Vonage, Zoom, AWS, Ethical IT and Higher Logic will only process personal data on CQI’s behalf and in accordance with our instructions.

Contact details

The CQI is subject to data protection laws, including the UK General Data Protection Regulation (UK GDPR). The UK GDPR gives you certain rights with respect to your personal data. Unless otherwise specified below, you can exercise any of your rights with respect to our processing of your personal data by sending an email to privacy@quality.org or by writing to us at: Privacy Officer, Chartered Quality Institute, Third floor, 90 Chancery Lane, London WC2A 1EU. Please be aware that we may need to verify your identity before we can service your request.

We have appointed IT Governance Europe Limited to act as our European Union (EU) representative for data protection purposes. If you are based in the EU and you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters under EU data protection law, please email our Representative at eurep@itgovernance.eu. Please include our company name in any correspondence you send to our Representative.

Your data protection rights

You are entitled to:

• Access the personal data that we hold about you. This is commonly known as a ‘data subject access request.’ There is generally no charge for making a data subject access request.

• Rectify personal data we hold about you that is inaccurate.

• Withdraw your consent to us processing your personal data.

In certain circumstances you are also entitled to:

• Ask us to delete the personal data we hold about you. Please note that we may not be able to delete all personal data that we hold about you, for example, because of our duties to regulate the quality profession under our Royal Charter.

• Object to our processing your personal data, depending on the legal basis under which we are processing your data.

• Ask us to restrict our processing of your personal data. For example, you may ask us to do this if you dispute the accuracy of your personal data, if you want us to restrict how we can use your data rather than deleting it, or if you have objected to our processing and we are dealing with your objection.

• Ask us to transfer your personal data to another person or organisation.

You can make a request by writing to us at the addresses given above.

You also have rights in relation to any automated decision making. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces significant legal effects concerning you.

You can complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection:

https://ico.org.uk/global/contact-us/

What types of personal data will be collected?

The CQI will collect the following personal data:

• Your first and last names

• Your email address

• The training provider you are registered with

• The course you are registered to take

• Start and end dates of your course

• Name of your tutor(s)

• Delivery method for your course

• Country where you are located

• Any request for a reasonable adjustment (CQI and IRCA online exam only)

• Your CQI Unique Learner number if you already have one

• Your training provider’s unique learner number (if they have one)

• Confirmation that you have given consent to your training provider for your data to be processed by the CQI and shared with ExcelSoft in accordance with CQI’s Privacy Notice (where local GDPR laws require consent)

• A photo of your face and a photo of your national government approved photo identification (CQI and IRCA online exam only)

• Video and audio recording of you and recording of your computer/laptop screen, taken during the exam (CQI and IRCA online exam only)

• Date and time of your exam (CQI and IRCA online exam only)

• How long you took to complete the exam (CQI and IRCA online exam only)

• Language of your exam (CQI and IRCA online exam only)

• Your proctoring result (CQI and IRCA online exam only)

• Your exam marks

• Your overall exam result

• Any request for special consideration (CQI and IRCA online exam only)

• Any appeal submission (CQI and IRCA online exam only)

How will my personal data be collected and why does CQI need it?

As the body responsible for certifying your course and managing your online exam, the CQI processes the following data under the lawful basis of legitimate interest and where special category data is processed, it is processed with your content.

Your training provider will collect data relating to your name, email address, location, course details and assessment result (for courses that do not have an online exam). They will also collect data relating to learner requests for reasonable adjustments for courses with CQI and IRCA online exams. This data will be shared with the CQI.

The CQI will assign you a Unique Learner Number (ULN) which we will share with your training provider. We will retain your name, course details, exam result and your ULN in perpetuity, so that we can verify, upon request, that you completed the course for which you have registered.

We will also use the data to assess your provider and the quality of the training and assessment you received. We will use your name, email address and course information to send you a personalised email following the conclusion of your course, in which we ask you to give us feedback on your experience with the course, your tutor and the training provider. We will also ask you whether you are interested in receiving additional information from us about the quality profession, the CQI and IRCA, and our products and services.

In addition to the above, for learners taking a CQI and IRCA online exam:

The CQI will generate an assessment code and exam schedule for each learner taking an online exam. These details along with your name, email address, ULN and any reasonable adjustment request for extra time (if required) will be shared with ExcelSoft. Your username and password are then created by ExcelSoft, and two emails will be sent to you – one containing your credentials and schedule for the practice questions and the other with your credentials and schedule for the online exam.

When you log onto SARAS to take your exam, you will be asked to take a photo of your face and a photo of your national government approved photo identification. This is to enable CQI to verify the identity of the person taking the exam. You will then be connected to ExcelSoft’s remote proctoring tool Easy Proctor. Easy Proctor will video and audio record you for the duration of the exam, using the webcam and audio facility on your pc or laptop. It will also record the image displayed on the pc/laptop you are using for the exam. This data is collected to ensure that you are complying with CQI’s online exam regulations.

At the end of the exam, you will be asked to complete a survey about your exam so that CQI can identify any areas for improvement.

Easy Proctor will use artificial intelligence to analyse your exam video recording and will compare the photo of your face with the image of your photo identification and the video recording of the person taking the exam. The system will highlight any anomalies and potential breaches of CQI’s online exam rules. The CQI will review proctoring recordings to:

• Verify the person taking the exam is the same person who is registered for the exam.

• Confirm whether any anomalies flagged by Easy Proctor could amount to malpractice or could have adversely affected the learner’s exam performance and result.

Once CQI has checked the proctoring recording, your overall exam result and mark, results and exam marks by section, date exam was submitted, date result was issued, and exam language will be sent from SARAS to CQI. Your trainer provider will download your result from CQI’s portal and inform you of the outcome. If malpractice is suspected, your training provider may need to support the CQI in investigating this. In such circumstances, additional data may be shared with your training provider including the duration of your exam, the time of your exam and images from your exam video recording.

CQI will use the data to monitor trends in exam performance across courses, training providers, tutors, and different languages, and to undertake quality improvement activities where necessary.

How will you store my personal data?

The CQI will store your name, email address, ULN, course and exam information on our cloud-based archive within the UK. We will retain this data in perpetuity, so that we can verify, upon request, that you completed the course for which you have registered.

ExcelSoft operates the SARAS application from cloud-based servers in the UK. Depending on your location, your proctoring recording may be streamed to SARAS via servers based outside of the UK. Before being uploaded to SARAS, your proctoring recording will be processed and stored temporarily in a Vonage or Zoom (streaming service provider) cloud-based archive in the USA. All data processed in the USA on CQI’s behalf are covered by Standard Contractual Clauses incorporated within the streaming service provider’s contractual arrangements with CQI and ExcelSoft.

All proctoring personal data processed by ExcelSoft will be stored securely for 90 days to allow any queries, appeals, special consideration requests or malpractice investigations to be dealt with. ExcelSoft will delete this personal data after 90 days unless otherwise requested by CQI.

CQI will only ask ExcelSoft to retain your data for a longer period than stated in this Privacy Notice if we need it to deal with a complaint, an appeal, a special consideration request, a malpractice investigation or if we believe there is a prospect of a legal claim connected to your personal data.

Queries

If you have any questions about this Privacy Notice or about how we use your personal data, please contact us by email at: privacy@quality.org or by post to: Privacy Officer, Chartered Quality Institute, Third floor, 90 Chancery Lane, London WC2A 1EU.