ISO/IEC 27701:2019 Internal Auditor - International

ISO/IEC 27701:2019 is designed to help organizations better understand, manage and reduce their risks around personal information. ISO/IEC 27701:2019 is designed to specify requirements and provide guidance for establishing, implementing, maintaining and continually improving a PIMS in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of your organization.

Once an organization has implemented ISO/IEC 27701:2019, it is imperative that it measures the effectiveness of its implementation efforts to better understand what is working well and where things might be improved. The framework has been designed with flexibility in mind, which will enable organizations to respond to the results of their measuring efforts by making adjustments to their implementation.

By attending this one-day course, you’ll understand why measurement and analysis of the framework implementation is so important and what areas internal audit should focus on to ensure its effectiveness.

This course will provide you with sufficient information on auditing your ISO/IEC 27701:2019 implementation to enable you and your organization to understand, detect, correct and monitor the effectiveness of the framework. You will be provided with a series of practical exercises and class discussions, which will develop your internal audit ability.

Prerequisites

The course is aimed at anyone already involved and qualified in auditing management systems such as ISO/IEC 27001 and ISO 9001 and is interested in gaining experience and knowledge in conducting ISO/IEC 27701:2019 process audits.

Apart from having an understanding of the key principles of auditing, you should already have a good knowledge of ISO/IEC 27701 and the key principles of a privacy* information management system (PIMS), equivalent to having attended our ISO/IEC 27701 Requirements course.

*While ISO/IEC 27701 addresses personally identifiable information (PII) and a predecessor standard, BS 10012, used the term ‘personal information management system’, the immediate predecessor standard, ISO/IC 27552, introduced ‘privacy information management system’.

Pedagogical objectives

  • Gaining a greater understanding of some of the key operational requirements of ISO 27701 (Clause 5) and how to go about assessing them
  • Practicing your internal auditing skills by conducting four detailed process audits
  • Understanding what areas of the standard should be audited, and techniques and approaches to consider
  • Establishing an understanding of the issues organizations face when maintaining and auditing framework processes
  • Interpreting some of the more subjective requirements of the standard

These training modules are eligible to the subsidizing by the public institutions in France (OPCO);

*Each delegate receives a training convention after the enrolment.

**Please note that for the public sessions, you have until 48h before the start of the course to confirm your enrolment. For the in-house sessions, the deadline would be of two weeks prior to the start of the course.

***Should you be in a disabled situation, please contact us and indicate what details should be taken into account.

You can contact us on training.france@bsigroup.com or 01 89 79 00 40

international training

Do you need more information?

If you have any concerns, please do not hesitate to contact our service department on the following numbers:

Telephone: 01 89 79 00 40
Email: training.france@bsigroup.com Or via the webchat service on our website: bsigroup.com


You will be put in touch with our team if necessary.

Fill in our form