This training course is designed to prepare its participants implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701.
Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes. After mastering the implementation and management of a Privacy Information Management System (PIMS), you can sit for the exam and apply for a “PECB Certified ISO/IEC 27701 Lead Implementer” credential. The internationally recognized PECB Lead Implementer Certificate proves that you have the practical knowledge and professional capabilities to implement the ISO/IEC 27701 requirements in an organization.
Course objectives:
• Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS.
• Learn about the correlation between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.
• Understand the operation of a PIMS based on ISO/IEC 27701 and its principal processes.
• Learn how to interpret the requirements of ISO/IEC 27701 in the specific context of an organization.
• Develop the expertise to support an organization in effectively planning, implementing, managing, monitoring and maintaining a PIMS.
Program:
Day 1) Introduction to ISO/IEC 27701 and initiation of a PIMS:
• Training course objectives and structure
• Standards and regulatory frameworks
• Privacy Information Management System (PIMS)
• Fundamental concepts and principles of information security and privacy
• Initiation of the PIMS implementation
• Analysis of the ISMS scope and Statement of Applicability
• PIMS scope
• Management approval
• Privacy policy
• Privacy risk assessment
Day 2) Planning the implementation of a PIMS:
• Privacy impact assessment
• PIMS Statement of Applicability
• Documentation management
• Selection of controls
• Implementation of controls
Day 3) Implementing a PIMS:
• Implementation of controls (cont’d)
• Implementation of controls specific for PII controllers
• Implementation of controls specific for PII processors
Day 4) PIMS monitoring, continual improvement and preparation for the certification audit:
• Awareness, training, and communication
• Monitoring, measurement, analysis, evaluation, and management review
• Internal audit
• Treatment of nonconformities
• Continual improvement
• Preparing for the certification audit
• Certification process and closing of the training course
Day 5) Certification Exam:
• Exam
Audience:
• Managers and consultants involved in privacy and data management
• Expert advisors seeking to master the implementation of a Privacy Information Management System
• Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations
• Individuals responsible for maintaining conformance with data privacy regimes requirements
• PIMS team members
Prerequisites:
• A fundamental understanding of information security and comprehensive knowledge of the ISMS implementation principles.
Language:
English course material, Norwegian or English speaking instructor
Certification:
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.