Course contents:
1. PIMS concepts and ISO 27701 standard
· PIMS concepts and benefits
· Risk assessment and management
· ISO 27701 process framework requirements
· ISO 27701 standard requirements
· PIMS documentation
2. Auditing principles
· Auditing objectives
· Types of Audits
· Process Approach
3. Roles and responsibility of auditors
· Auditors and lead auditors
· The auditors’ responsibilities
· The lead auditors’ responsibilities
· Auditors' qualifications and certifications
4. Planning an audit
· Pre-audit planning
· Reviewing documentation
· Developing an audit plan
· Preparing checklists or working documents
· Communication factors
5. Conducting an audit
· Opening meeting
· Collecting objective/audit evidence
· Effective interviewing techniques
· Identifying and recording nonconformities
· Preparing for the closing meeting
· Do’s and Don’ts of auditing
6. Reporting audit results
· Conducting the closing meeting
· Preparing the audit report
· Distributing the audit report
7. Corrective actions
· Corrective action responsibilities
· Follow up scheduling
· Monitoring corrective action
8. ISO 27701 registration
· Choosing a registrar
· The registration process
· Surveillance audits
9. Exercises / Roleplay (50% of course time)
10. Examination
Privacy information is a valuable asset and key information that, like any other important business asset, needs to be suitably protected by any organization. In the modern world, the security of this asset is crucial for maintaining credibility. If this asset is compromised, the organization may face risks such as brand image erosion and legal penalties. Privacy information security is the protection of information from a wide range of threats in order to meet regulatory and compliance requirements and minimize risk.
The course should be conducted by experienced lead auditors who have audited numerous organizations. This intensive course is a key requirement for becoming a registered auditor / lead auditor. It is structured to provide an in-depth understanding of ISO 27701:2019 requirements and the knowledge and skills required to assess the Privacy Information Management System of an organization.
The comprehensive three-day course should comprise case studies, training, and role-plays to ensure that the participant thoroughly understands the role of an auditor and acquires the expertise needed to perform effective audits.
Kishore Angrishi –
Interactive session with real-life examples has made the whole training lively and interesting. Tushar is very knowledgeable and could explain all the concepts very well. Would highly recommend to anyone wishing to learn about ISO 27701 and GDPR.