PECB Certified ISO 27701 Lead Auditor
Training duration: 32 ac h (4 days). Certification exam is held on day 5.
Target audience:
Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
Managers or consultants seeking to master a PIMS audit process
Individuals responsible for maintaining conformance with PIMS requirements
Technical experts seeking to prepare for a PIMS audit
Expert advisors in the protection of Personally Identifiable Information (PII)
Prerequisites:A fundamental understanding of ISO/IEC 27001 and comprehensive knowledge of audit principles.
Contents of this training
After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27701 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.
Specific course content will include
- Day 1
- Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental information security and privacy
concepts and principles - Privacy information management system (PIMS)
- Day 2
- Audit principles, preparation and launching of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
- Day 3
- On-site audit activities
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
- Day 4
- Closing the audit
- Documentation of the audit and the audit quality review
- Closing the audit
- Evaluating action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
- Closing the training
- Day 5
- Certification Exam
Intended outcome
Learning objectives:
Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701;
Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory
frameworks;
Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in
accordance with ISO 19011;
Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit.
Price includes:
- online training;
- certification exam;
- course materials;
- certification of attendance the course.
Trainer
-
Andro KullAndro Kull during his career, has worked in both sectors, public and private. In the previous years he has worked for the financial sector with regards to IT and information security, and for the energy sector with regards to IT risks, where security and continuity demands are very high. Kull started his career as IT specialist and IT manager, and has worked extensively as IT auditor and as IT risk manager for one of the largest company in Estonia. At the same time, he founded a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning (BC), planning for recovery (DR), and crisis management mostly in public sector organizations.
The international environment is not new to Andro Kull, since he has participated in the European Central Bank internet payment security working group. Kull has been cooperating with the IT banking supervisors on an international level. Furthermore, he has organized one international conference in Tallinn. In addition, he has worked for European Union DG Connect as advisor connected with IT risk management recommendations development.
Andro Kull holds a PhD degree from the University of Tampere, concentrating on the IT oversight and compliance verification methodologies, and he currently is lecturing IT risk and information security management issues at the University of Tallinn.
Related Events
