Privacy Information Management System: ISO/IEC 27701 Lead Implementer

Overview:

Introduction:

By enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002, the ISO/IEC 27701 Lead Implementer training course enables you to develop the necessary expertise to assist an organization in establishing, implementing, maintaining, and continuously improving a Privacy Information Management System (PIMS) based on ISO/IEC 27701.

Course Objectives:

At the end of this course the participants will be able to: 

• Learn the ideas, strategies, tactics, and procedures used in the setup and management of a PIMS.
• Find out how ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and legal frameworks relate to one another.
• Recognize the main procedures and how a PIMS based on ISO/IEC 27701 operates.
• Learn how to apply ISO/IEC 27701's requirements to the unique circumstances of a company.
• Develop the knowledge necessary to assist a company in efficiently developing, executing, managing, overseeing, and sustaining a PIMS.

Targeted Audience:

• Managers and advisors working in the privacy and data management fields
• Advisers with extensive experience attempting to establish a Privacy Information Management System
• People in organizations that are in charge of and liable for Personally Identifiable Information (PII)
• Those in charge of upholding compliance with the rules governing data privacy
• Team members of PIMS

Course Outline:

Unit1:  Introduction to ISO/IEC 27701 and initiation of a PIMS

• Training program goals and elements
• Standards and governing structures
• Information Management System for Privacy (PIMS)
• Information security and privacy fundamental ideas and tenets
• the beginning of PIMS implementation
• Analysis of the Statement of Applicability and the ISMS's scope
• PIMS range
• Management endorsement
• Policy on privacy
• Risk assessment for privacy

Unit2: Planning the implementation of a PIMS

• Impact analysis of privacy
• Application Statement for PIMS
• Documentation control
• Choice of controls
• Controls implementation

Unit3:  Implementing a PIMS

• Controls implementation (continued)
• putting in place measures tailored to PII controllers
• putting in place restrictions specifically for processors of PII

Unit4: PIMS monitoring, ongoing development, and certification audit preparation

• Awareness, training, and communication
• Monitoring, measurement, analysis, evaluation, and management review
•  Internal audit
• Treatment of nonconformities
• Continual improvement
• Preparing for the certification audit

Unit5: Certification Exa