ISO/IEC 27701:2019 specifies the requirements and provides guidance for implementing a privacy information management system (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management, within the context of your organization.
By attending our two-day course, you will understand how to implement the principles of ISO/IEC 27701:2019 and the required changes to extend your ISMS. It will help you understand how the requirements of ISO/IEC 27701 provide the basis of an effective PIMS and provide guidance for personally identifiable information (PII) controllers and/or processors processing PII.
With the full support of a world-class BSI tutor, you’ll learn about ISO/IEC 27701:2019 common terms and definitions, as well as how to implement the key concepts and requirements.
Prerequisites
You should already have a good knowledge of implementing an ISMS based on ISO/IEC 27001 and ISO/IEC 27002 and be looking to extend your ISMS to include privacy information management.
A good knowledge of PIMS requirements and terminology is recommended.
You should have previously attended an ISO/IEC 27701 requirements course, and we also recommend that you understand whether a PIMS is currently employed in your organization.
Pedagogical objectives
- Recognize how to extend an ISO/IEC 27001 ISMS to include specific requirements for protecting your PII and implementing a PIMS (addressing both information security and privacy protection)
- Identify where adjustments might need to be made to your ISMS to accommodate your situation and progress made to date, in respect of protecting privacy
- Increase your knowledge of the requirements and guidance contained within ISO 27701, from an implementation perspective
Your learning will be through an activity-based, delegate-centered approach. This will help you share experiences and knowledge with other attendees, bringing the information presented to life and resulting in enhanced retention and application to your own workplace.
Skills to be acquired
Upon completion of this training, you will be able to:
- Recognize a typical framework for extending your ISO/IEC 27001 ISMS to include specific requirements and guidance for protecting personally identifiable information (PII) and implementing a PIMS
- Interpret key requirements and guidance of ISO/IEC 27701 from both a PII controller and processor implementation perspective
- Identify the benefits to your organization of implementing an ISO/IEC 27701 PIMS
- Conduct a gap analysis of your organization’s current compliance with the requirements of ISO/IEC 27701
- Implement the key requirements and guidance of ISO/IEC 27701
Targeted audience
Anyone involved in planning, implementing, maintaining or supervising an ISO/IEC 27701 PIMS. The course is equally relevant to PII controllers and PII processors.
Pedagogical, technical and framing means
Course materials including:
- Introduction to the training, detailed program and security assignments
- Course presentation, theory and activities/role plays
- Answers to the activities
- Videos
- Additional documents, distributed during the sessions, to use for the activities
- Attendance sheet to be signed
Assessment specifics
- Questionnaire to assess the knowledge at the end of the training
- Customer survey
What is included?
- Course materials, provided electronically
- Letter of attestation
- Official certificate

Do you need more information?
If you have any concerns, please do not hesitate to contact our service department on the following numbers:
Telephone: 01 89 79 00 40
Email: training.france@bsigroup.com
Or via the webchat service on our website: bsigroup.com
You will be put in touch with our team if necessary.