Description
The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques.
During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.
Who should attend?
The ISO/IEC 27701 Lead Auditor training course is intended for:
- Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
- Managers or consultants seeking to master a PIMS audit process
- Individuals responsible for maintaining conformance with PIMS requirements
- Technical experts seeking to prepare for a PIMS audit
- Expert advisors in the protection of Personally Identifiable Information (PII)
Learning Objectives
Upon successful completion of this training course, the participants will be able to:
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
Educational approach
The training course is participant centered and contains:
- This training is based on both theory and best practices used in PIMS audits
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role-playing and discussions
- Practice tests are similar to the Certification Exam
Prerequisites
A fundamental understanding of information security and privacy, and a comprehensive knowledge of audit principles.
Course Agenda
- Day 1: Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701
- Day 2: Audit principles, preparation, and launching of an audit
- Day 3: On-site audit activities
- Day 4: Closing the audit
- Day 5: Certification exam
Examination
The “PECB Certified ISO/IEC 27701 Lead Auditor” exam complies with the PECB Examination and Certification Program (ECP) requirements. The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of a Privacy Information Management System (PIMS)
Domain 2: Privacy Information Management System (PIMS) requirements
Domain 3: Fundamental audit concepts and principles
Domain 4: Preparing an ISO/IEC 27701 audit
Domain 5: Conducting an ISO/IEC 27701 audit
Domain 6: Closing an ISO/IEC 27701 audit
Domain 7: Managing an ISO/IEC 27701 audit program
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
Certificate requirements
After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential.
For more information about the PECB certification process, please refer to the Certification Rules and Policies.
The credentials in the PECB ISO/IEC 27701 certification scheme have the following requirements:
| Designation | Exam | Professional experience | MS audit/assessment experience | Other requirements |
| PECB Certified ISO/IEC 27701 Provisional Auditor | PECB Certified ISO/IEC 27701 Auditor Exam or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Auditor | PECB Certified ISO/IEC 27701 Auditor Exam or equivalent | Two years: One year of work experience in Privacy Information Management | Project activities: a total of 200 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Lead Auditor | PECB Certified ISO/IEC 27701 Auditor Exam or equivalent | Five years: Two years of work experience in Privacy Information Management | Project activities: a total of 300 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27701 Senior Lead Auditor | PECB Certified ISO/IEC 27701 Auditor Exam or equivalent | Ten years: Seven years of work experience in Privacy Information Management | Project activities: a total of 1,000 hours | Signing the PECB Code of Ethics |
To be considered valid, the audit activities should follow best audit practices and include the following:
- Planning an audit
- Managing an audit program
- Drafting audit reports
- Drafting nonconformity reports
- Drafting audit work documents
- Reviewing documented information
- Conducting on-site audit
- Following up on nonconformities
- Leading an audit team
General Information
- Certification and examination fees are included in the price of the training course
- Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
- An attestation of course completion certificate of 31 CPD (Continuing Professional
- Development) credits will be issued to the participants who have attended the training course.
