Qualified Individual Designation Training
by Dealer EducationFX

The Qualified Individual...doesn't need a particular degree or title. What matters is real-world know - how suited to your circumstances...”

ADCO Training has everything you need for the Qualified Individual Designation (QID). The QID training establishes a knowledge-based approach to Safeguards Rule ISP Compliance and Cybersecurity best practices for the assigned staff. The training is based on 25 years of dealership compliance operations, cybersecurity standards and frameworks needed to institute a reasonable “Good Faith Dealership Compliance Effort.” We will explore strategies aimed at preventing a cyber incident and learn clear actions to be taken should such an event occur.

Trainees will learn how to:

• Develop a comprehensive cyber incident response plan complete with risk management frameworks that helps establish roles and responsibilities among dealership staff.
• Review methods and technology for continuously assessing your Good Faith Dealership Compliance Effort to counter ransomware and cyber-threats to your IT infrastructure.
• Engage your dealership's leaders to nurture a culture of compliance and IT security awareness. This includes ensuring stakeholders grasp their roles and responsibilities to prevent a data breach but act appropriately should a breach occur.
• Prioritize effective communication strategies during and after a cyberattack.
• Fine-tune prevention and response policies to bolster cybersecurity resilience, reducing a dealership's risk profile rewarded by Cyber Insurers with lower premiums and deductibles.

The course will equip the designated QI with the knowledge and resources needed to excel in the FTC mandated role. The program covers a range of topics, including:

1. Consumer Information Security Governance: This involves the establishment and management of the vision, strategy, and program to ensure sensitive consumer information assets are adequately protected, including 3rd party vendor compliance management.
2. Consumer Information Risk Management: This involves identifying and managing information security risks to achieve dealership objectives and meet federal, state and PCI DSS requirements.
3. Consumer Information Security Program Development and Maintenance: This helps you establish and maintain consumer data security in a dealership compliance environment that may not be proactive in support of legal compliance best practices and operational goals.
4. Information Security Incident Management: This involves planning, establishing, and managing the response to and recovery from an information security incident.
5. Dealership Cyber Security Compliance: Understanding and applying security compliance considerations, legal regulations, and privacy laws to your IT systems security.
6. Build High-Level Knowledge of IT Security Architecture: This involves understanding the security systems to meet the dealership's present and future cyber security compliance needs.
7. Operational Cybersecurity Management: This involves the discovery of vulnerabilities of poor system configuration, and incident response management to counter those threats.
8. Dealership Operational Continuity and Recovery: This means quickly counteracting interruptions (i.e. Ransomware, data hacks, etc.) to dealership activities and to protect critical dealership systems from the effects of potential IT security, and compliance failures.

The program includes a mix of educational content, practical examples and references specific to automotive retail, as well as knowledge tests and assessments. It provides the dealership's designated QI insight into the latest trends and best practices in information security, and how to lead and manage a dealership's information security compliance program, reducing risk related implications.

Upon completion, participants receive a Qualified Individual Designation (QID), which confirms their knowledge and skills in dealership consumer data cybersecurity as prescribed by the FTC's Safeguards Rule ISP, as well as overlapping elements in the Payment Card Industry (PCIDSS) and cybersecurity best practices that Cyber Insurance Providers reward with premium and deductible reductions.

The Proposal

The Association of Dealership Compliance Officers (ADCO) values the chance to provide this proposal to support your dealership's Qualified Individual Training needs, facilitate compliance with the FTC Safeguards Rule and address overlapping requirements of the Payment Card Industry's Data Security Standard and facilitating dealers' Cybersecurity Insurance Applications with the requirements therein.

Thank you for your interest in ADCO's Qualified Individual Designation Training. If you are ready to begin, please click the button below to get started.