ISO 27701 Privacy Information Management Systems Essentials
The ISO 27701 Privacy Information Management Systems Essentials training course is designed to help participants understand the basic concepts and principles of a Privacy Information Management System (PIMS) based on ISO/IEC 27701. Moreover, during this training course, students will learn more on the structure of the standard including its requirements, guidance, and controls on the protection of the privacy of Personally Identifiable Information (PII) principals and the relationship of the standard with ISO/IEC 27001 and ISO/IEC 27002.
At the end of this course, participants should be able to:
- Understand the fundamental concepts and principles of a privacy information management system (PIMS) based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand the approaches, standards, methods, and techniques used for the implementation and management of a PIMS
Course Outline
- I- Introduction to privacy information management systems (PIMS) concepts as specified in ISO / IEC 27701
- Standards and regulatory frameworks
- Privacy information management system
- Fundamental information security and privacy concepts and principles
- PIMS-specific requirements related to ISO /IEC 27001
- II- Privacy information management systems
- PIMS-specific guidance related to ISO / IEC 27002
- Additional ISO / IEC 27002 guidance for PII controllers
- Additional ISO /IEC 27002 guidance for PII processors
- Controls and control objectives
Course Duration
- 1 day – face to face
Delivery Methodologies
- Lecture and Discussion
- Activity / Quizzes
This course is recommended for:
- Privacy officers
- Individuals involved in information security and privacy management
- Individuals seeking to gain knowledge on the main processes of a privacy information management system
- Individuals interested in pursuing a career in privacy information management
- Individuals responsible for personally identifiable information (PII) within organizations
- Information security team members
