ISO 27701:2019 Lead Auditor

ISO/IEC 27701 is a data privacy extension to ISO/IEC 27001 and ISO/IEC 27002. This standard specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in compliance with data privacy requirements and regulations such as GDPR.

It is applicable to all organizations that act as Personally Identifiable Information (PII) controllers and/or PII processors within an Information Security Management System.

 

Gain the knowledge and skills to audit organisations’ Privacy Information Management Systems with our Lead Auditor ISO 27701:2019 e-course.

 

The course, designed by the LiberoAssurance Training team, aims to equip participants with the necessary information to effectively conduct PIMS audits, in accordance with the internationally recognized best practice techniques for ISO 27701:2019.

 

Aims & Objectives
  • Deliver the key requirements and benefits of ISO 27701:2019
  • Outline the steps towards an effective privacy information management system
  • Provide the application of risk-based thinking, frameworks and process management
  • Present the key auditing techniques to plan, conduct and follow-up actions

 

Learning Outcomes

Having successfully completed this course you will be able to:

  • Learn the importance and benefits of an ISO 27701:2019 PIMS
  • Understand the key requirements, terms and definitions of ISO 27701:2019 and its structure
  • Grasp the application of business continuity-based thinking, leadership and process management, Plan-Do-Check-Act
  • Explain the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO 27701
  • Conduct effective audits in any auditing situation
  • Establish and plan the activities of an audit team
  • Communicate effectively with the auditee and audit client
  • Organise and direct audit team members
  • Prepare and complete the audit report
  • Use remote auditing methods

 

Who should attend?
  • Managers
  • Business professionals
  • Management system professionals
  • ISO Consultants

 

Prerequisite skills & knowledge: ISO/IEC 27001 and ISO/IEC 27002

 

Available in-house/distant learning? Yes

 

Created by: LiberoAssurance Continuous Professional Development Training Centre Level 1 – Accredited by Univab

 

Part A Contents: ISO 27701:2019 Requirements and Guidelines
Clauses 0 - 3
  • Introduction
  • Scope
  • Normative references
  • Terms and definitions
Clause 4 - General
  • Structure of this standard
  • Application of ISO/IEC 27001:2013 requirements
  • Application of ISO/IEC 27002:2013 guidelines
  • Customer
Clause 5 - PIMS-specific requirements related to ISO/IEC 27001
  • General
  • Context of the organization
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance evaluation
  • Improvement
Clause 6 - PIMS-specific guidance related to ISO/IEC 27002
  • General
  • Information security policies
  • Organization of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • Systems acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance
Clause 7 - Additional ISO/IEC 27002 guidance for PII controllers
  • General
  • Conditions for collection and processing
  • Obligations to PII principals
  • Privacy by design and privacy by default
  • PII sharing, transfer and disclosure
Clause 8 - Additional ISO/IEC 27002 guidance for PII processors
  • General
  • Conditions for collection and processing
  • Obligations to PII principals
  • Privacy by design and privacy by default
  • PII sharing, transfer and disclosure
Annex A (normative)
  • PIMS-specific reference control objectives and controls (PII Controllers)
Annex B (normative)
  • PIMS-specific reference control objectives and controls (PII Processors)
Annex C (normative)
  • Mapping to ISO/IEC 29100
Annex D (informative)
  • Mapping to the General Data Protection Regulation
Annex E (informative)
  • Mapping to ISO/IEC 27018 and ISO/IEC 29151
Annex F (informative)
  • How to apply ISO/IEC 27701 to ISO/IEC 27001 and ISO/IEC 27002
 
 
Part B Contents: ISO 27701:2019 Lead Auditor
Audit Review
  • What is an audit?
  • Why Audit?
  • Audit Types
Audit Steps
  • Performing audit activities
  • Audit Plan
  • Developing Checklists
  • Opening Meeting
  • Conducting the Audit
  • Recording Results
  • Non-Conformities & Non-Compliances
  • Closing Meeting(s)
  • Audit Report
  • Audit follow-up
Audit Programme
  • Establishing the audit programme objectives
  • Identifying and evaluating audit programme risks and opportunities
  • Process flow for the management of an audit programme
  • Managing an audit programme
  • Audit programme Implementation
  • Monitoring audit programme
  • Improving audit programme
Accreditation & Certification
  • Accreditation & Certification Bodies
  • Certification Process
Auditor’s Performance
  • Auditor’s Quality
  • The Auditor’s conduct
  • Auditor’s Code of Conduct
  • Auditor Characteristics
  • Auditor's personal behavior
  • Auditee’s conduct
  • Selecting the audit team members
  • Skills of audit team leaders
  • How to evaluate an Auditor
  • Maintaining and improving auditor competence
Psychological factors during an audit
  • Attitudes & relationships
  • Obstacles & communication
  • Space and Time issues
  • Body language
  • Cultural factors
  • Principles of Listening
  • Questions & questioning
Audit tips and techniques
  • Tips for trained auditors
  • Question Technique
  • Competence of the audit programme manager

 

Exam & Certification
  • Exam on ISO 27701:2019 PIMS Lead Auditor
  • “ISO 22301:2019 PIMS Lead Auditor” Certificate
Teaching Methods
  • Detailed seminar presentations (Available for download)
  • Terms and definitions
  • No. of slides: 326

 

Resources
  • Reading lists & Resources: Available in presentations

 

Study time allocation
  • Private study hours: 38
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment Duration: 90 days (starting from the date of purchase)
 
Credits
  • CPD Points: 38
  • ECTS/ECVET Points: 1.3

 

Assessment methods
  • Assessment: Exam for ISO 27701:2019 Privacy Information Management System Lead Auditor
  • Hours: 1
  • % contribution to final mark: 100
  • % Minimum passing grade: 60

Outcomes/Certificates

On successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’.

 

With the purchase you get:
  • Non-conformities - Real Examples
  • Audit checklist
  • Online examination - 3 Attempts
  • 100% Online course
  • CPD Accredited eCertificate – Global acceptance
  • Downloadable course material
  • E-learning Mobile App
  • Enrolment: 3 months
  • Flexible schedule
  • Language: English

 


220,00 € each



© Copyright LiberoGroup  All rights reserved.