ISO/IEC 27701 Lead Auditor
Why Should You Attend?
During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.
Who Should Attend?
- Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
- Managers or consultants seeking to master a PIMS audit process
- Individuals responsible for maintaining conformance with PIMS requirements
- Technical experts seeking to prepare for a PIMS audit
- Expert advisors in the protection of Personally Identifiable Information (PII)
Learning Objective
Upon successfully completing the training course, participants will be able to:
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
Educational Approach
This training course is participant centered and:
- This training is based on both theory and best practices used in PIMS audits
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role-playing and discussions
- Practice tests are similar to the Certification Exam
Prerequisites
A fundamental understanding of information security and privacy, and a comprehensive knowledge of audit principles.
Course Agenda
Day 1 Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental information security and privacy concepts and principles
- Privacy information management system (PIMS)
Day 2 Audit principles, preparation, and launching of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
Day 3 On-site audit activities
- Preparations for stage 2 audit (on-site audit)
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
Day 4 Closing the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
- Closing of the training course
Day 5 Certification exam
General Information
Certification and examination fees are included in the price of the training course
Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
An attestation of course completion certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
