Master the Audit of Privacy Information Management System (PIMS) based on ISO/IEC 27701
Why should you attend?
During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.
Day 1 – Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental information security and privacy concepts and principles
- Privacy information management system (PIMS)
Day 2 – Audit principles, preparation, and launching of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
Day 3 – On-site audit activities
- Preparations for stage 2 audit (on-site audit)
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
Day 4 – Closing of the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
- Closing of the training course
Day 5 – Certification Exam
Learning Objectives
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
Examination: Duration 3 hours
The “PECB Certified ISO/IEC 27701 Lead Auditor” exam complies with the PECB Examination and Certification Program (ECP) requirements. The exam covers the following competency domains:
Domain 1 – Fundamental principles and concepts of a Privacy Information Management System (PIMS).
Domain 2 – Privacy Information Management System (PIMS) requirements
Domain 3 – Fundamental audit concepts and principles
Domain 4 – Preparing an ISO/IEC 27701 audit
Domain 5 – Conducting an ISO/IEC 27701 audit
Domain 6 – Closing an ISO/IEC 27701 audit
Domain 7 – Managing an ISO/IEC 27701 audit program
For more detailed information about the PECB examination process, please visit Examination Rules and Policies.
Certification:
After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential. Certification fees are included on the exam price. For more information about the PECB certification process, please refer to the Certification Rules and Policies.
| Credential | Exam | Professional experience |
PIMS audit experience |
Other requirements |
|---|---|---|---|---|
| PECB Certified ISO/IEC 27701 Provisional Auditor |
PECB Certified ISO/IEC 27701 Lead Auditor exam or equivalent |
None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Auditor |
PECB Certified ISO/IEC 27701 Lead Auditor exam or equivalent |
Two years: One year of work experience in Privacy Information Management System |
Audit activities: a total of 200 hours |
Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Lead Auditor |
PECB Certified ISO/IEC 27701 Lead Auditor exam or equivalent |
Five years: Two years of work experience in Privacy Information Management System |
Audit activities: a total of 300 hours |
Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Senior Lead Auditor |
PECB Certified ISO/IEC 27701 Senior Lead Auditor |
Ten years: Seven years of work experience in Privacy Information Management System |
Audit activities: a total of 1000 hours |
Signing the PECB Code of Ethics |
Note: PECB Certified individuals who possess the Lead Implementer and Lead Auditor credentials are qualified for the respective PECB Master Credential, given that they have taken 4 additional Foundation exams which are related to this scheme. For more detailed information about the Foundation exams and the overall Master credential requirements, please visit: https://pecb.com/en/master-credentials.
General Information
- Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
- An attendance record certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
Who should attend?
- Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
- Managers or consultants seeking to master a PIMS audit process
- Individuals responsible for maintaining conformance with PIMS requirements
- Technical experts seeking to prepare for a PIMS audit
- Expert advisors in the protection of Personally Identifiable Information (PII)
| Date | Duration | Location |
|---|---|---|
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live |
