
Data Protection & Privacy

Master the implementation and management of a Privacy Information Management System (PIMS) based on ISO/IEC 27701

Who should attend?

  • Managers and consultants involved in privacy and data management

  • Expert advisors seeking to master the implementation of a Privacy Information Management System

  • Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations

  • Individuals responsible for maintaining conformance with the requirements of data privacy regimes

  • PIMS team members

Course agenda

Day 1 | Introduction to ISO/IEC 27701 and initiation of a PIMS

  • Training course objectives and structure

  • Standards and regulatory frameworks

  • Privacy Information Management System (PIMS)

  • Fundamental concepts and principles of information security and privacy

  • Initiation of the PIMS implementation

  • Analysis of the ISMS scope and Statement of Applicability

  • PIMS scope

  • Management approval

  • Privacy policy

  • Privacy risk assessment

Day 2 | Planning the implementation of a PIMS

  • Privacy impact assessment

  • PIMS Statement of Applicability

  • Documentation management

  • Selection of controls

  • Implementation of controls

Day 3 | Implementing a PIMS

  • Implementation of controls (cont’d)

  • Implementation of controls specific to PII controllers

  • Implementation of controls specific to PII processors

Day 4 | PIMS monitoring, continual improvement, and preparation for the certification audit

  • Awareness, training, and communication

  • Monitoring, measurement, analysis, evaluation, and management review

  • Internal audit

  • Treatment of nonconformities

  • Continual improvement

  • Preparing for the certification audit

  • Certification process and closing of the training course

Day 5 | Certification Exam

Learning objectives

  • Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS.

  • Learn about the correlation between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.

  • Understand the operation of a PIMS based on ISO/IEC 27701 and its principal processes.

  • Learn how to interpret the requirements of ISO/IEC 27701 in the specific context of an organization.

  • Develop the expertise to support an organization in effectively planning, implementing, managing, monitoring and maintaining a PIMS.

Examination

The “PECB Certified ISO/IEC 27701 Lead Implementer” exam meets all the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competency domains:

Domain 1 | Fundamental principles and concepts of a Privacy Information Management System (PIMS)

Domain 2 | Privacy Information Management System controls and best practices

Domain 3 | Planning a PIMS implementation based on ISO/IEC 27701

Domain 4 | Implementing a PIMS based on ISO/IEC 27701

Domain 5 | Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC 27001

Domain 6 | Continuous improvement of a PIMS based on ISO/IEC 27701

Domain 7 | Preparing for a PIMS certification audit

General information

  • Certification fees are included in the exam price.

  • Training materials and practical examples will be distributed.

  • A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued.

  • In case of exam failure, you can retake the exam within 12 months for free.

For additional information, please contact us at info@ciso-dpo.online.

Download brochures [here].