Privacy information management system manager

(ISO/IEC 27701)

This online course provides the necessary knowledge and skills to develop, implement and maintain a privacy information management system (PIMS) based on ISO/IEC 27701:2018.

Participants will gain knowledge of the various components of the PIMS, including PIMS-specific requirements in accordance with ISO/IEC 27001 and ISO/IEC 27002, objectives and controls for PII controllers, and objectives and controls for PII processors.

Duration

18 hours

Language

English/Ukrainian

Format

100% online

Objectives

  • Understand the principles of implementing the PIMS in accordance with the requirements of ISO/IEC 27701:2018
  • Get a complete understanding of the concepts, approaches, methods and techniques required for effective PIMS management
  • Understand the relationship between the PIMS and compliance with the requirements of various stakeholders of the organization
  • Determine what role your organization plays within the PIMS and what objectives and controls are applicable to your organization.

Target audience

  • Heads and specialists of departments responsible for information security and ensuring the protection of PII
  • Project managers and consultants who wish to master the process of developing and implementing the PIMS
  • Members of the PIMS implementation team at the organization
  • Professionals who wish to gain in-depth knowledge of the PIMS
  • Professionals involved in the day-to-day support of the PIMS processes
  • Students of specialized faculties

Document on completion

PIMS Manager Certificate, listed in the SIC international register

Evaluation scale

  • 60.0-100.0: Complies
  • 0.0-59.9: Does not comply

Thematic plan

The course program includes:

1 Module – «Privacy information management systems (ISO/IEC 27701)»

The program is designed for 18 hours, including time for studying theoretical material and testing.

Objectives

Module 1 Privacy information management system manager (ISO/IEC 27701)

Number of hours

  1. Introduction: 3
  2. General provisions of the standard: 2
  3. PIMS-specific requirements related to ISO/IEC 27001: 1
  4. PIMS-specific guidance related to ISO/IEC 27002: 5
  5. PIMS-specific reference control objectives and controls (PII Controllers): 3
  6. PIMS-specific reference control objectives and controls (PII Processors): 3
  Testing: 1

Detailed content of the program

Module 1 Privacy information management system manager (ISO/IEC 27701)

1. Introduction:

  – General
  – GDPR and its principles
  – Privacy information management systems
  – ISO/IEC 27701: target group and benefits

2. General provisions of the standard:

  – Framework of the standard
  – Terms and definitions

3. PIMS-specific requirements related to ISO/IEC 27001:

  – Additional privacy requirements

4. PIMS-specific guidance related to ISO/IEC 27002:

  – Information security policies
  – Organization of information security
  – Human resource security
  – Asset management
  – Access control
  – Cryptography
  – Physical and environmental security
  – Operations security
  – Communications security
  – Systems acquisition, development and maintenance
  – Supplier relationships
  – Information security incident management
  – Compliance

5. PIMS-specific reference control objectives and controls (PII Controllers):

  – Terms of collection and processing of information
  – Obligations to PII subjects
  – Privacy by design and privacy by default
  – Exchange, transfer and disclosure of PII

6. PIMS-specific reference control objectives and controls (PII Processors):

  – Terms of collection and processing of information
  – Obligations to PII subjects
  – Privacy by design and privacy by default
  – Exchange, transfer and disclosure of PII