ISO/IEC 27701 Lead Auditor
Develop the skills to audit a Privacy Information Management System (PIMS) based on ISO/IEC 27701:2025.
- Duration
- 5 Days
- Level
- Advanced
- Format
- eLearning / Self-Study
- Exam
- Included
- Certification
- PECB
About this course
The ISO/IEC 27701 Lead Auditor training course is designed to support the development of skills needed to audit a privacy information management system (PIMS) based on ISO/IEC 27701:2025 by applying widely recognized audit principles, procedures, and techniques. Participants will learn to plan and carry out audits in compliance with ISO 19011, ISO/IEC 17021-1, and ISO/IEC 27706, and acquire the knowledge to manage an audit program. The course provides guidance on auditing the clauses of ISO/IEC 27701:2025, as well as the privacy controls for PII controllers and PII processors, explaining how to evaluate their implementation and effectiveness, and how to assess the organization’s ability to maintain, monitor, and continually improve its PIMS. After completing the course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential.
Learning objectives
- Explain the fundamental concepts and principles of a privacy information management system (PIMS) based on ISO/IEC 27701
- Interpret the ISO/IEC 27701 requirements for a PIMS from the perspective of an auditor
- Evaluate the PIMS conformity to ISO/IEC 27701 requirements, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27701 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27701 audit program
Target audience
- Auditors seeking to perform and lead PIMS certification audits
- Managers or consultants seeking to master a PIMS audit process
- Individuals responsible for maintaining conformance with PIMS requirements
- Technical experts seeking to prepare for a PIMS audit
- Expert advisors in the protection of PII
Prerequisites
A fundamental understanding of information security and privacy and a comprehensive knowledge of audit principles are required.