Internal Auditor of Privacy Information Management Systems (ISO 27701, ISO 19011)
This online course provides the necessary knowledge and skills for conducting privacy information management system audits based on the ISO 27701:2019, ISO 19011:2018, ISO 17021:2015 standards, and the SIC (System of International Certification) system rules.
Course participants will learn about key components of privacy information management systems, including process management, quality control, risk management, continuous improvement, and meeting customer requirements. Special attention is given to ISO 27701, which extends ISO 27001 and ISO 27002 for managing information confidentiality, as well as the requirements of ISO 19011 and ISO 17021, which establish principles and requirements for the competence, consistency, and impartiality of bodies providing audit and certification services for management systems. The SIC system rules, which help businesses overcome technical barriers in international trade and provide equal access to global markets, are also discussed.
To enhance understanding, all course slides are voiced. Real-life cases will help participants better apply theory in practice. Structured information is divided into modules, making the learning process even more efficient.
Duration: 36 hours
Language: English/Ukrainian
Format: 100% online
Course objective
The goal of the course “Management System Auditor” is to provide participants with the knowledge and skills necessary to conduct audits of management systems in accordance with the requirements of ISO 27701, ISO 19011, ISO 17021 standards, and SIC Rules.
The main objectives of the course include:
- Understanding Standards: Familiarizing participants with the requirements and principles of ISO 27701, ISO 19011, ISO 17021 standards, and SIC Rules.
- Privacy Management: Studying the key provisions of ISO 27701, including personal information management systems (PIMS), privacy risk identification, compliance with legislative requirements, and data lifecycle management.
- Audit Planning and Execution: Training participants in methods for planning, conducting, and documenting management system audits.
- Conformity Assessment: Developing skills to evaluate the conformity of management systems to established standards.
- Ensuring Impartiality: Ensuring objectivity and impartiality during the audit process.
Target audience
The target audience for the course “Internal Auditor of Management System (ISO 27701, ISO 19011)” includes:
- Information Security Specialists: Those responsible for protecting confidential information within the organization.
- Internal Auditors: Employees who are already conducting internal audits or planning to expand their knowledge in this area.
- Risk Managers: Individuals responsible for managing risks and ensuring compliance with standards.
- Management Consultants: Professionals providing consultancy services on information security and confidentiality issues.
- Department Heads: Managers who wish to improve their knowledge of internal audits and confidentiality management.
- IT Department Employees: Specialists dealing with the technical aspects of information protection and confidentiality.
Document on completion
Certificate of internal auditor of the QMS, listed in the SIC international register
Thematic plan
| Objectives | Internal Auditor of Privacy Information Management Systems (ISO 27701, ISO 19011) | Hours |
|---|---|---|
| | Module I. Privacy information management systems ISO 27701 | 18 |
| 1 | Introduction to the PIMS and the GDPR | 3 |
| 2 | Specific PIMS requirements in accordance with ISO/IEC 27001 | 4 |
| 3 | Specific PIMS requirements in accordance with ISO/IEC 27002 | 4 |
| 4 | Objectives and controls for PII controllers | 4 |
| 5 | Objectives and controls for PII processors | 2 |
| | Test | 1 |
| | Module II. Internal audit ISO 19011 | 18 |
| 1 | Audit classification and objectives | 3 |
| 2 | Audit terminology and principles | 4 |
| 3 | Audit program management | 3 |
| 4 | Audit conducting and reporting | 4 |
| 5 | Competence and personal qualities of the auditor | 2 |
| | Test | 1 |
| | Case-reviews | 1 |