BS 10012:2017 +A1:2018 Personal Information Management System (PIMS) is designed to help organizations better understand, manage and reduce their risks around personal information. However, the framework is not a ‘one size fits all’ solution and its implementation will vary depending upon the nature, size and complexity of the organization, and the nature of the information it processes.

Once an organization has implemented BS 10012:2017 +A1:2018, it’s imperative that it measures the effectiveness of its implementation efforts to better understand what is working well and where things might be improved. The framework has been designed with flexibility in mind, which will enable organizations to respond to the results of their measuring efforts by making adjustments to their implementation.

By attending this one-day course, you’ll understand why measurement and analysis of the framework implementation is so important and what areas the internal audit should focus on to ensure its effectiveness.

This course will provide you with sufficient information on auditing the implementation of BS 10012:2017 +A1:2018 to enable you and your organization to understand, detect, correct and monitor the effectiveness of the framework. You’ll be provided with a series of practical activities and class discussions, which will develop your internal audit ability.

 

Course Aim

This practical and highly-interactive course aims to ensure that you’re able to effectively audit the policies, processes and procedures that your organization has implemented. You’ll be able to validate that they meet the requirements of a Personal Information Management System (PIMS) to the British Standard BS 10012:2017 +A1:2018.

How will I benefit?

This course will help you:

• Gain a greater understanding of some of the key operational requirements of BS 10012:2017 +A1:2018 (Clause 8) and how to go about assessing them
• Practice your internal auditing skills by conducting four detailed process audits
• Understand what areas should be audited, and techniques and approaches to consider
• Establish an understanding of the issues organizations face when maintaining and auditing framework processes
• Interpret some of the more subjective requirements of the standard

What will I learn?

You’ll be able to explain:

• The key operational requirements of BS 10012:2017 +A1:2018 (Clause 8) and how to go about assessing them
• What and who should be audited and why
• Where to look for evidence when conducting audits
• Common traps that organizations fall into when implementing BS 10012:2017 +A1:2018
• How to audit your organization by taking a pragmatic business-focused approach against requirements which can be open to interpretation

You’ll have the skills to:

• Conduct process audits in the following areas:
  • Roles, responsibilities and competences
  • Subject access request procedures
  • Suppliers
  • Incident management

Who Should Attend?

Anyone who wants to learn:

• How to assess the effectiveness of an organization’s BS 10012 implementation
• Practical techniques and methods which can be adopted in order to effectively internally audit and maintain a BS 10012:2017+A1:2018 system
• How to internally audit BS 10012:2017+A1:2018

The course is applicable to representatives from any size or type of organization who are currently involved in planning, implementing and maintaining a PIMS to the BS 10012:2017 +A1:2018 framework.

Duration

One day

How will I learn?

Our unique, accelerated approach fast tracks learning, improves knowledge retention and ensures you get the skills to apply your knowledge straight away. This course involves practical activities, group discussions and classroom learning to help you develop a deeper understanding of the material and have a greater impact on job performance. This course takes a practitioner approach where most of the time spent will be undertaking activities.

What will I gain?

On completion, you’ll be awarded an internationally recognized BSI Training Academy certificate.

Prerequisites

We recommend that you have knowledge of the requirements of Personal Information Management Systems (PIMS) and the standard BS 10012:2017 +A1:2018. The requirements of this standard are not specifically taught on this course.

It would be highly beneficial for you to have attended the BS 10012:2017 +A1:2018 Requirements course before you take this course.

We also recommend that you have an awareness of data protection issues and basic understanding of data protection principles and terminology. 

It would be highly advantageous for you to have an understanding of your own organization’s current PIMS.

You’re likely to already be an internal or lead auditor and familiar with auditing management systems as this course is not aimed at teaching how to audit, rather what and how to audit BS 10012:2017 +A1:2018.

Related training

You may also be interested in our BS 10012:2017 Requirements and Implementation Courses.  Other data protection related courses include our range of GDPR Foundation, Implementation and Auditing/Maintenance courses and our ISO/IEC 27701:2019 Requirements, Implementation and Auditing courses.  You may also be interested in our BSI Entropy Software which can support your BS 10012 implementation.