The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques.
Course description:
During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.
Course objectives:
• Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
• Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
Program:
Day 1) Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701:
• Training course objectives and structure
• Standards and regulatory frameworks
• Certification process
• Fundamental information security and privacy concepts and principles
• Privacy information management system (PIMS)
Day 2) Audit principles, preparation, and launching of an audit:
• Fundamental audit concepts and principles
• The impact of trends and technology in auditing
• Evidence-based auditing
• Risk-based auditing
• Initiation of the audit process
• Stage 1 audit
Day 3) On-site audit activities:
• Preparations for stage 2 audit (on-site audit)
• Stage 2 audit
• Communication during the audit
• Audit procedures
• Creating audit test plans
Day 4) Closing the audit:
• Drafting audit findings and nonconformity reports
• Audit documentation and quality review
• Closing of the audit
• Evaluation of action plans by the auditor
• Beyond the initial audit
• Managing an internal audit program
• Closing of the training course
Day 5) Certification Exam:
• Exam
Audience:
• Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
• Managers or consultants seeking to master a PIMS audit process
• Individuals responsible for maintaining conformance with PIMS requirements
• Technical experts seeking to prepare for a PIMS audit
• Expert advisors in the protection of Personally Identifiable Information (PII)
Prerequisites:
• A fundamental understanding of information security and privacy, and a comprehensive knowledge of audit principles.
Language:
• English course material, English / Norwegian speaking instructor
Certification:
After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential. Certification fees are included on the exam price.