ISO in the Sun: PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer

This five-day course provides an overview to the structure of a Privacy Information Management System (PIMS) based on ISO/IEC 27701:2019, and how to implement the same in an organisation, e.g. for the purpose of certification.

Overview
This five-day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Privacy Information Management System based on ISO/IEC 27701:2019.

Participants will also gain a thorough understanding of requirements and guidance of ISO/IEC 27701:2019 as well as their relationship ISO/IEC 27001:2013 et al. and thus that between a PIMS and an ISMS.

Moreover, participants will gain a comprehensive understanding of best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to PIMS Concepts per ISO/IEC 27701:2019
Normative, Regulatory and Legal Framework
Fundamental Principles of Information Security and Privacy
Privacy Information Management System (PIMS)
Planning the PIMS Implementation
PIMS Scope and Privacy Policy
Privacy Risk Assessment
Privacy Impact Assessment
PIMS Statement of Applicability
Selection of Controls
Documentation Management
Implementing the PIMS
Implementation of a Document Management Framework
Implementation of Controls
Implementation of Controls specific to Controllers of Personally Identifiable Information (PII)
Implementation of Controls specific to PII
Awareness, Training und Communication
Performance Evaluation and Improving the PIMS
Monitoring the PIMS with Metrics, Performance Indicators etc
Internal Audit, Management Review and Corrective Actions
Implementation of a Continual Improvement Program
Preparing for the Certification Audit

Objectives
Completion of this course will enable students to
Understand the principles of a PIMS conforming to ISO/IEC 27701:2019, including the relationship to and ISMS, ISO/IEC 27001:2013, ISO/IEC 27002:2013 etc and regulatory frameworks
Apply concepts, approaches, standards, methods and techniques for the effective operation of a PIMS
Advise organisations on PIMS best practices
Manage teams implementing ISO/IEC 27701:2019

Audience
This course is aimed at students with (future) roles like Project managers, consultants and team members implementing privacy and data management
Data and privacy officers
CxO and senior managers of a PIMS and ISMS scope
Auditors requiring more PIMS implementation insight

Prerequisites
General understanding of common business processes.Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Examination and Certification
The course includes access to PECB's three-hour exam available in multiple languages to be taken online on the last day or any time after the course (own laptop required). Exam and first year certification fees are included in the course fees.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees.