Essential information about the course
This course will provide you with the knowledge and skills required to perform first, second and third-party audits of information security management systems against ISO/IEC 27701, in accordance with ISO 19011 and ISO/IEC 17021, as applicable.
You’ll gain the knowledge and skills to conduct and lead a Privacy Information Management Systems (PIMS) audit in accordance with internationally recognized best practice techniques.
You’ll grasp the key principles and practices of an effective PIMS audit in accordance with ISO 19011 ‘Guidelines for auditing management systems’. Using a systematic approach, you will be guided through the entire audit process from initiation to reporting on audit findings, and follow-up; that establishes conformity and enhances energy performance.
Working with our professional tutors over three days, you will gain the knowledge and practical skills required to undertake and lead a successful second-party PIMS audits. You will acquire the skills to plan, conduct, report and follow-up on an PIMS audit.
How will I benefit?
This course will help you:
- Identify the aims and benefits of an ISO/IEC 27701:2019 audit
- Interpret ISO/IEC 27701:2019 requirements for audit application
- Plan, conduct and follow-up auditing activities that add real value
- Grasp the application of risk-based thinking, leadership and process management
- Access the latest auditor techniques and identify appropriate use
- Build stakeholder confidence by managing audit processes in line with the latest requirements
Who should attend?
Any person or team tasked with, or interested in, leading an audit of an organization’s PIMS and those seeking to become a second-party PIMS auditor based on ISO/IEC 27701.
Existing ISO/IEC 27001 auditors within an organization implementing ISO/IEC 27701:2019.
What will I learn?
Upon completion of this course, you’ll be able to:
Knowledge
- Explain the purpose and benefits of an information security management system and of information security management systems standards
- Explain the basic structure of ISO/IEC 27701:2019
Skills
- Plan, conduct, report and follow-up an audit of a privacy information management system to establish conformity (or otherwise) with ISO/IEC 27701 and in accordance with ISO 19011 (and ISO/IEC 17021 where appropriate)
What is included?
Upon successful completion of your course, you’ll receive an internationally recognized BSI certificate.
Prerequisites
It is a prerequisite that you to attend our ISO/IEC 27701 requirements course (or equivalent); as the requirements of ISO/IEC 27701:2019 are not taught on this course. As ISO/IEC 27001 is a normative reference to ISO/IEC 27701, being a lead auditor to ISO/IEC 27001 is also required. It will also help if you have experience in conducting some internal audits and supplier audits.
