Privacy Information Management System: ISO/IEC 27701 Lead Implementer
Overview:
Introduction:
By enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002, the ISO/IEC 27701 Lead Implementer training course enables you to develop the necessary expertise to assist an organization in establishing, implementing, maintaining, and continuously improving a Privacy Information Management System (PIMS) based on ISO/IEC 27701.
Course Objectives:
At the end of this course the participants will be able to:
- Learn the ideas, strategies, tactics, and procedures used in the setup and management of a PIMS.
- Find out how ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and legal frameworks relate to one another.
- Recognize the main procedures and how a PIMS based on ISO/IEC 27701 operates.
- Learn how to apply ISO/IEC 27701's requirements to the unique circumstances of a company.
- Develop the knowledge necessary to assist a company in efficiently developing, executing, managing, overseeing, and sustaining a PIMS.
Targeted Audience:
- Managers and advisors working in the privacy and data management fields
- Advisers with extensive experience attempting to establish a Privacy Information Management System
- People in organizations that are in charge of and liable for Personally Identifiable Information (PII)
- Those in charge of upholding compliance with the rules governing data privacy
- Team members of PIMS
Course Outline:
Unit1: Introduction to ISO/IEC 27701 and initiation of a PIMS
- Training program goals and elements
- Standards and governing structures
- Information Management System for Privacy (PIMS)
- Information security and privacy fundamental ideas and tenets
- the beginning of PIMS implementation
- Analysis of the Statement of Applicability and the ISMS's scope
- PIMS range
- Management endorsement
- Policy on privacy
- Risk assessment for privacy
Unit2: Planning the implementation of a PIMS
- Impact analysis of privacy
- Application Statement for PIMS
- Documentation control
- Choice of controls
- Controls implementation
Unit3: Implementing a PIMS
- Controls implementation (continued)
- putting in place measures tailored to PII controllers
- putting in place restrictions specifically for processors of PII
Unit4: PIMS monitoring, ongoing development, and certification audit preparation
- Awareness, training, and communication
- Monitoring, measurement, analysis, evaluation, and management review
- Internal audit
- Treatment of nonconformities
- Continual improvement
- Preparing for the certification audit