ISO 27701 Lead Auditor Certification
Master the Audit of Privacy Information Management System (PIMS) based on ISO 27701:2019.
This four-day intensive course enables participants to obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO 17021-1 certification process.
Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
For more information, please visit PECB.
Learning objectives :
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO 27701;
- Identify the relationship between ISO 27701, ISO 27001, ISO 27002, and other standards and regulatory frameworks;
- Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011;
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit.
Who should attend?
- Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits;
- Managers or consultants seeking to master a PIMS audit process;
- Individuals responsible for maintaining conformance with PIMS requirements;
- Technical experts seeking to prepare for a PIMS audit;
- Expert advisors in the protection of Personally Identifiable Information (PII).
- Day 1: Introduction to Privacy Information Management System (PIMS) and ISO 27701
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental information security and privacy concepts and principles
- Privacy information management system (PIMS)
- Day 2: Audit principles, preparation, and launching of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
- Day 3: On-site audit activities
- Preparations for stage 2 audit (on-site audit)
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
- Day 4: Closing the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
This training is based on both theory and practice:
- Sessions of lectures illustrated with examples based on real cases;
- Practical exercises based on a full case study including role playing and oral presentations;
- Review exercises to assist the exam preparation;
- Practice test similar to the certification exam.
To benefit from the practical exercises, the number of training participants is limited.
- The “PECB Certified ISO 27701 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
- Domain 1: Fundamental principles and concepts of a Privacy Information Management System (PIMS)
- Domain 2: Privacy Information Management System (PIMS) requirements
- Domain 3: Fundamental audit concepts and principles
- Domain 4: Preparing an ISO 27701 audit
- Domain 5: Conducting an ISO 27701 audit
- Domain 6: Closing an ISO 27701 audit
- Domain 7: Managing an ISO 27701 audit program
- The “PECB Certified ISO 27701 Auditor” exam is available in English;
- The exam is available online, please refer to PECB Exams User Manual;
- Duration: 3 hours
- For more information about PECB Certified ISO 27701 exam and certification, refer to ISO 27701 Lead Auditor Exam & Certification.