ISO/IEC 27701:2019 specifies the requirements and provides guidance for implementing a privacy information management system (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management, within the context of your organization.

By attending our two-day course, you will understand how to implement the principles of ISO/IEC 27701:2019 and the required changes to extend your ISMS. It will help you understand how the requirements of ISO/IEC 27701 provide the basis of an effective PIMS and provides guidance for personally identifiable information (PII) controllers and/or processors, processing PII.

With the full support of a world-class BSI tutor, you’ll learn about ISO/IEC 27701:2019 common terms and definitions, as well as the how to implement the key concepts and requirements.

This course will provide you with sufficient information on auditing your ISO/IEC 27701:2019 implementation to enable you and your organization to understand, detect, correct and monitor the effectiveness of the framework. You will be provided with a series of practical exercises and class discussions, which will develop your internal audit ability.

Course Aim

To provide a typical framework for extending your ISO/IEC 27001 information security management system (ISMS) including the more specific requirements and guidance for protecting your organization’s personally identifiable information (PII), together constituting a privacy information management system (PIMS).

How will I benefit?

This course will help you to:

• Recognize how to extend an ISO/IEC 27001 ISMS to include specific requirements for protecting your PII and implementing a PIMS (addressing both information security and privacy protection)
• Identify where adjustments might need to be made to your ISMS to accommodate your situation and progress made to date, in respect of protecting privacy
• Increase your knowledge of the requirements and guidance contained within ISO 27701, from an implementation perspective

Your learning will be through an activity-based, delegate-centred approach. This will help you share experiences and knowledge with other attendees; bringing alive the information presented and resulting in enhanced retention and application to your own workplace.

What will I learn?

The course covers the following specific learning objectives:

Knowledge:

• Recognize a typical framework for extending your ISO/IEC 27001 ISMS to include specific requirements and guidance for protecting personally identifiable information (PII) and implementing a PIMS
• Interpret key requirements and guidance of ISO/IEC 27701 from both a PII controller and processor implementation perspective
• Identify the benefits to your organization of implementing an ISO/IEC 27701 PIMS

Skills:

• Conduct a gap analysis of your organization’s current compliance with the requirements of ISO/IEC 27701
• Implement the key requirements and guidance of ISO/IEC 27701

Who should attend?

Anyone involved in planning, implementing, maintaining or supervising an ISO/IEC 27701 PIMS. The course is equally relevant to PII controllers and PII processors.

Duration

2 days

How will I learn?

Our unique accelerated learning approach fast tracks learning by improving your knowledge retention and skill application. This course involves practical activities, group discussions and classroom learning to help you develop a deeper understanding of the material and have a greater impact on job performance.

What will I gain?

On completion, you'll be awarded an internationally recognized BSI Training Academy certificate.

Prerequisites

You should already have a good knowledge of implementing an ISMS based on ISO/IEC 27001 and ISO/IEC 27002 and be looking to extend your ISMS to include privacy information management.

A good knowledge of PIMS requirements and terminology is recommended.

You should have previously attended an ISO/IEC 27701 requirements course and we also recommend that you understand whether a PIMS is currently employed in your organization.

Related training

You may also be interested in our ISO/IEC 27701:2019 Audit training courses.