The aim of the course is to explain how ISO/IEC 27701 can extend an information security management system (ISMS) to include requirements for protecting personally identifiable information (PII) and provide a framework for a privacy information management system (PIMS). It also provides guidance for PII controllers and/or PII processors.
A PIMS framework will help to operate and maintain processes for organizations whilst providing assurance to your stakeholders.
- On successful completion of this awareness course, attendees will be able to:
- Understand the benefits of having an effective PIMS in place;
- Understand the content of ISO/IEC 27701, both requirements and guidance and how it improves processing of PII;
- Determine the effectiveness of an organization’s PIMS;
- Understand how the standard maps to the privacy framework and principles in other ISO/IEC standards (e.g., 29100, 27018 and 29151) and the EU General Data Protection Regulation;
- Inspire customer and partner trust;
- Protect an organization’s reputation;
- Inform senior management of the requirements of ISO/IEC 27701 to help them decide the next steps to take.
Working experience in ISO/IEC 27001 and related standards.
This course is suitable for anyone involved in planning, implementing, maintaining or supervising an ISO/IEC 27701 PIMS.