Master the implementation and management of Privacy Information Management System (PIMS) based on ISO/IEC 27701.
Why should you attend?
This training course is designed to prepare its participants implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701. Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.
After mastering the implementation and management of a Privacy Information Management System (PIMS), you can sit for the exam and apply for a “PECB Certified ISO/IEC 27701 Lead Implementer” credential. The internationally recognized PECB Lead Implementer Certificate proves that you have the practical knowledge and professional capabilities to implement the ISO/IEC 277 requirements in an organization.
Course agenda
Day 1 – Introduction to ISO/IEC 27701 and initiation of a PIMS
- Training course objectives and structure
- Standards and regulatory frameworks
- Privacy Information Management System (PIMS)
- Fundamental concepts and principles of information security and privacy
- Initiation of the PIMS implementation
- Analysis of the ISMS scope and Statement of Applicability
- PIMS scope
- Management approval
- Privacy policy
- Privacy risk assessment
Day 2 – Planning the implementation of a PIMS
- Privacy impact assessment
- PIMS Statement of Applicability
- Documentation management
- Selection of controls
- Implementation of controls
Day 3 – Implementing a PIMS
- Implementation of controls (cont’d)
- Implementation of controls specific for PII controllers
- Implementation of controls specific for PII processors
Day 4 – PIMS monitoring, continual improvement and preparation for the certification audit
- Awareness, training, and communication
- Monitoring, measurement, analysis, evaluation, and management review
- Internal audit
- Treatment of nonconformities
- Continual improvement
- Preparing for the certification audit
- Certification process and closing of the training course
Day 5 – Certification Exam
Learning Objectives
- Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS.
- Learn about the correlation between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.
- Understand the operation of a PIMS based on ISO/IEC 27701 and its principal processes.
- Learn how to interpret the requirements of ISO/IEC 27701 in the specific context of an organization.
- Develop the expertise to support an organization in effectively planning, implementing, managing, monitoring and maintaining a PIMS.
Examination: Duration 3 hours
The “PECB Certified ISO/IEC 27701 Lead Implementer” exam meets all the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competency domains:
Domain 1 – Fundamental principles and concepts of a Privacy Information Management System (PIMS)
Domain 2 – Privacy Information Management System controls and best practices
Domain 3 – Planning a PIMS implementation based on ISO/IEC 27701
Domain 4 – Implementing a PIMS based on ISO/IEC 27701
Domain 5 – Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC 27001
Domain 6 – Continuous improvement of a PIMS based on ISO/IEC 27701
Domain 7 – Preparing for a PIMS certification audit
For more detailed information about the PECB examination process, please visit Examination Rules and Policies.
Certification:
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.
For more information about ISO/IEC 27701 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
| Credential | Exam | Professional experience |
PIMMS project experience |
Other requirements |
|---|---|---|---|---|
| PECB Certified ISO/IEC 27701 Provisional Implementer |
PECB Certified ISO/ IEC 27701 Lead Implementer exam or equivalent |
None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Implementer |
PECB Certified ISO/ IEC 27701 Lead Implementer exam or equivalent |
Two years: One year of work experience in Privacy Information Management |
Project activities: a total of 200 hours |
Signing the PECB Code of Ethics |
| PECB Certified ISO/ IEC 27701 Lead Implementer |
PECB Certified ISO/ IEC 27701 Lead Implementer exam or equivalent |
Five years: Two years of work experience in Privacy Information Management |
Project activities: a total of 300 hours |
Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Senior Lead Implementer |
PECB Certified ISO/ IEC 27701 Lead Implementer exam or equivalent |
Ten years: Seven years of work experience in Privacy Information Management |
Project activities: a total of 1000 hours |
Signing the PECB Code of Ethics |
Note: PECB Certified Individuals who do possess the Lead Implementer and Lead Auditor Credentials are qualified for the respective PECB Master Credential, given they have taken 4 additional Foundation Exams which are related to this scheme. For more detailed information about the Foundation Exams and the overall Master Requirements, please go to the following link: https://pecb.com/en/master-credentials.
General Information
- Certification fees are included on the exam price.
- Training materials and practical examples will be distributed.
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued.
- In case of exam failure, you can retake the exam within 12 months for free.
Who should attend?
- Managers and consultants involved in privacy and data management
- Expert advisors seeking to master the implementation of a Privacy Information Management System
- Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations
- Individuals responsible for maintaining conformance with data privacy regimes requirements
- PIMS team members
| Date | Duration | Location |
|---|---|---|
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live | |
| 5 days | Online/Live |
