ISO/IEC 27701:2019 is designed to help organizations better understand, manage and reduce their risks around personal information. ISO/IEC 27701:2019 is designed to specify requirements and provide guidance for establishing, implementing, maintaining and continually improving a PIMS in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of your organization.
Once an organization has implemented ISO/IEC 27701:2019, it is imperative that it measures the effectiveness of its implementation efforts to better understand what is working well and where things might be improved. The framework has been designed with flexibility in mind, which will enable organizations to respond to the results of their measuring efforts by making adjustments to their implementation.
By attending this one-day course, you’ll understand why measurement and analysis of the framework implementation is so important and what areas internal audit should focus on to ensure its effectiveness.
This course will provide you with sufficient information on auditing your ISO/IEC 27701:2019 implementation to enable you and your organization to understand, detect, correct and monitor the effectiveness of the framework. You will be provided with a series of practical exercises and class discussions, which will develop your internal audit ability.
Who should attend?
Anyone who wants to learn:
- How to audit and assess the effectiveness of an organization’s PIMS designed to conform to ISO/IEC 27701:2019
- Practical techniques and methods which can be adopted in order to effectively internally audit and maintain a PIMS
The course is applicable to representatives from any size or type of organization who are currently involved in planning, implementing and maintaining a PIMS to the ISO/IEC 27701:2019 standard.
What will I learn?
You will be able to:
- Recognize the key operational requirements of ISO/IEC 27701:2019 and how to go about assessing them
- Identify what and who should be audited and why
- Recall where to look for evidence when conducting audits
- Determine how to take a pragmatic business-focused approach to auditing your organization against requirements which can be open to interpretation
You will have the skills to:
- Conduct audits in all aspects of PIMS processes
- Conduct audits in all aspects of privacy control selection, implementation and effectiveness
How will I benefit?
The benefits of attending this BSI training course include:
- Gaining a greater understanding of some of the key operational requirements of ISO 27701 (Clause 5) and how to go about assessing them
- Practicing your internal auditing skills by conducting four detailed process audits
- Understanding what areas of the standard should be audited, and techniques and approaches to consider
- Establishing an understanding of the issues organizations face when maintaining and auditing framework processes
- Interpreting some of the more subjective requirements of the standard
- Detailed course notes
- On completion, you'll be awarded an internationally recognized BSI Training Academy certificate