Structured internal audit of privacy practices

Privacy compliance is not limited to having a policy or secure IT systems. Regulators assess whether providers actively protect personal information, understand their obligations, and apply privacy controls consistently across enrolment, delivery, assessment, support and third-party arrangements.

This session audits whether privacy is being managed as an operational risk, not an administrative afterthought.

Participants undertake a structured internal audit of privacy practices, focusing on how personal information is collected, stored, accessed, shared and monitored across the organisation.

 50% discount! for VET PD Series subscribers - Use your Voucher Code when registering!

+ Takeaways

Privacy M&E Tools...
AAA Audit Evidence Request
Annual Management Review 
Closing Meeting Record 
Continuous Improvement Register 
Internal Audit Reflection 
Internal Audit Tool - Privacy 
Opening Meeting Record 
Performance and Outcome Monitoring - Privacy 
Privacy Checklist - Use of AI 
Stakeholder Survey - Privacy 

 

Event details

Date: Wednesday 6 May 2026

Time: 12.30pm AEST (Sydney, Melbourne, Brisbane)

Duration: 3 hours

 

How it works

1. On registration, receive the resource pack, internal audit tool & evidence request listing for the live session.
2. At the live session, bring along your evidence & follow along, undertaking & documenting your internal audit with the audit tool.
3. Event replay is available post session for finalising your audit.
4. Implement the improvements identified & confirm effective.

 

What this session audits

• Privacy governance, accountability & roles
• Collection, use and disclosure of personal information
• Handling of learner, personnel and third-party data
• Privacy breaches, complaints and response processes
• Monitoring, review and continuous improvement of privacy practices

 

Regulatory focus

This session is anchored to Compliance Standards, with particular emphasis on:

• 20  Compliance with laws
   An NVR registered training organisation must comply with all applicable Commonwealth, State and Territory laws, including, for example, by ensuring:
  (a) personal information is collected, used and disclosed by the organisation in accordance with all applicable privacy laws

If personal information is not actively protected and monitored, privacy failures quickly become regulatory findings, reputational damage and learner confidence issue.

 

Watch the Launch Session

 

About the Internal Audit Series

Systematic monitoring & evaluation anchored by internal audit.

Under the 2025 SRTO, regulators expect providers to demonstrate active, systematic monitoring & evaluation. Internal audit forms the backbone of assurance. This is now the #1 area of non-compliance identified by ASQA.

The Internal Audit Series is a 12-month, structured internal audit program delivering practical, facilitated audits across all core VET operating functions.

Find out more about the Series

 

Our Presenter

Phill Bevan - vetr Community Advisor

One of Australia’s most qualified & experienced VET expert auditors.

Phill is a highly respected expert in the VET sector, with 26+ years experience working with hundreds of public, not-for-profit, private & enterprise VET providers. He specialises in strategic execution, quality management systems & standards implementation, offering unparalleled expertise in aligning organisational strategy with regulatory compliance & quality outcomes. He has led various strategy projects with well-known brand public institutions, government-owned enterprises & departments, universities & private sector entities.

Phill's extensive experience includes successfully guiding diverse organisations through complex regulatory landscapes, leveraging his strategic insight & quality systems expertise to drive sustainable business improvements. His in-depth knowledge spans all key VET sector operating requirements, including strategic & business planning, risk management & continuous quality improvement. He has established many new RTO operations over the last two decades, including the additional achievement of ISO certification for VET providers where desired, and has implemented new Quality Management Systems (QMS) in government departments, public companies, universities, national associations & large private RTO networks.

As a qualified auditor (Dip QA), he has conducted 500+ internal & external audits, including as a lead auditor in external audits for a National Regulator, & has provided invaluable support to myriad VET providers during 70+ ASQA regulator audits across six states & territories. He has held international certification with Exemplar Global & Fellow status with the AHRI. With qualifications in the BSZ, TAA, and TAE training packages at Certificate IV and Diploma levels, complemented by a Master of Education (Adult Education focus) specialising in competency-based training, Phill combines academic rigour with practical application. His strategic approach & proven track record make him a sought-after advisor for organisations across various industry sectors aiming to maintain a robust strategic fit & achieve quality-focused operational performance.

 

 A Statement of Participation is available for issue on completion of the event's activities. 

The recording of the live event will be available to participants for 30 days after the event.

 

CORE AREAS

TRAINING

• The Vocational Education & Training Sector
  
  • Interpret VET policy context
  • Operate within VET delivery and compliance frameworks