ISO/IEC - 27701 Training & Certification

ISO 27701 Training & Certification - PIMS

ISO/IEC 27701 LEAD IMPLEMENTER

ISO 27701 Training

Master the implementation and management of a Privacy Information Management System (PIMS) based on ISO/IEC 27701.

The ISO/IEC 27701 Lead Implementer training course enables you to develop the necessary expertise to assist an organization to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS) based on ISO/IEC 27701 by enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002.

Who Should Attend

  • Managers and consultants involved in privacy and data management.
  • Expert advisors seeking to master the implementation of a Privacy Information Management System.
  • Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations.
  • Individuals responsible for maintaining conformance with the requirements of data privacy regimes.
  • PIMS team members.

Course Duration

Day 1: Introduction to ISO/IEC 27701 and initiation of a PIMS

  • Training course objectives and structure
  • Standards and regulatory frameworks
  • Privacy Information Management System (PIMS)
  • Fundamental concepts and principles of information security and privacy
  • Initiation of the PIMS implementation
  • Analysis of the ISMS scope and Statement of Applicability
  • PIMS scope
  • Management approval
  • Privacy policy
  • Privacy risk assessment

Day 2: Planning the implementation of a PIMS

  • Privacy impact assessment
  • PIMS Statement of Applicability
  • Documentation management
  • Selection of controls
  • Implementation of controls

Day 3: Implementing a PIMS

  • Implementation of controls (cont’d)
  • Implementation of controls specific for PII controllers
  • Implementation of controls specific for PII processors

Day 4: PIMS monitoring, continual improvement and preparation for the certification audit

  • Awareness, training, and communication
  • Monitoring, measurement, analysis, evaluation, and management review
  • Internal audit
  • Treatment of nonconformities
  • Continual improvement
  • Preparing for the certification audit
  • Certification process and closing of the training course

Day 5: Certification Exam

Prerequisites

A fundamental understanding of information security and comprehensive knowledge of the ISMS implementation principles.

ISO/IEC 27701 LEAD AUDITOR

Master the audit of a Privacy Information Management System (PIMS) based on ISO/IEC 27701.

Course Description

The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques.

Who Should Attend

  • Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits.
  • Managers or consultants seeking to master a PIMS audit process.
  • Individuals responsible for maintaining conformance with PIMS requirements.
  • Technical experts seeking to prepare for a PIMS audit.
  • Expert advisors in the protection of Personally Identifiable Information (PII).

Course Duration

Day 1: Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701

  • Training course objectives and structure
  • Standards and regulatory frameworks
  • Certification process
  • Fundamental information security and privacy concepts and principles
  • Privacy information management system (PIMS)

Day 2: Audit principles, preparation, and launching of an audit

  • Fundamental audit concepts and principles
  • The impact of trends and technology in auditing
  • Evidence-based auditing
  • Risk-based auditing
  • Initiation of the audit process
  • Stage 1 audit

Day 3: On-site audit activities

  • Preparations for stage 2 audit (on-site audit)
  • Stage 2 audit
  • Communication during the audit
  • Audit procedures
  • Creating audit test plans

Day 4: Closing the audit

  • Drafting audit findings and nonconformity reports
  • Audit documentation and quality review
  • Closing of the audit
  • Evaluation of action plans by the auditor
  • Beyond the initial audit
  • Managing an internal audit program
  • Closing of the training course

Day 5: Certification Exam

Prerequisites

A fundamental understanding of information security and privacy, and a comprehensive knowledge of audit principles.