How to achieve compliance with GDPR and related data protection requirements?
Training Objective
Protecting personal data is not only a legal obligation but also a cornerstone of a trustworthy and sustainable business approach. ISO/IEC 27701:2019, as an extension to ISO/IEC 27001, integrates the personal information management system (PIMS) dimension into an organization’s information security management system.
The ISO/IEC 27701 Implementer Training offered by GOVISEC is designed for professionals who want to make personal data processing activities systematic, measurable, and compliant with applicable regulations. The training provides a detailed, practical approach to establishing a GDPR-aligned PIMS, including the required documentation and operational steps.
🎯 What Will You Learn in This Training?
- Structure, purpose, and integration of ISO/IEC 27701 with ISO/IEC 27001
- Components of the Personal Information Management System (PIMS)
- Personal data processing requirements under GDPR
- Roles: data controller, data processor, and stakeholders
- Compliant documentation: privacy notices, explicit consent, inventories, and contracts
- Risk assessment and Data Protection Impact Assessment (DPIA)
- Retention and disposal processes, auditing, and continuous improvement
- Learning through practical scenarios and sample documentation
👤 Who Should Attend?
- Professionals involved in information security, GDPR, and personal data protection processes
- Organizations aiming to extend their ISO/IEC 27001 framework with PIMS
- GDPR compliance teams, IT managers, and system implementers
- Internal representatives from any function involved in personal data processing
📜 Training Duration and Certification
- Training duration: 3 days (intensive, hands-on training)
- Format: Online or in-person
- Participants will receive an “ISO/IEC 27701:2019 Implementer Training Certificate of Participation.” Throughout the training, sample documents, checklists, and implementation templates are provided.