Course Overview
Introduction:
Our ISO 27701 certification training is designed to equip you with the knowledge and skills needed to manage data privacy effectively.
This course is ideal for professionals aiming to advance their careers in data privacy management and is an excellent add on to the ISO 27001 certification program.
Key Features
Comprehensive Curriculum
Covering all aspects of the subject, from foundational priciples to advanced practices.
AI Driven Interactive Learning
Engaging Modules that include real-world scenarios, practical execercies, 24/7 Live Q&A and Quizzes.
Flexible Access
Learn at your own pace with 24/7 acces to course materials from any device.
High Sucess Rate
Proven track record of student sucess and certification pass rates.
Expert Instructors
Courses designed by industry leaders and experienced practitioners
Extensive Resources
500+ practice quizzes to test your knowledge and readlines, templates, checklists and lot more
Personalized Learning Paths
Custom Tailored to fit your specific learning type (Audio/Visual, Kinesthetic, Reading/Writing etc)
Content
Introduction
Clause 5.1: General
Clause 5.2 : Context of the Organization
Clause 5.2.2: Understanding the needs and expectations of interested parties
Clause 5.2.3: Determining the scope of the information
security management system
Clause 5.2.4: Information
security management system
Leadership
Clause 5.3: Leadership and commitment
Clause 5.3.2: Policy
Clause 5.3.3: Organizational roles, responsibilities and authorities
Clause 5.4.1.1: General
Clause 5.4.1.3: Information security risk treatment
Clause 5.4.2: Information security objectives and planning to achieve them
Clause 5.5.1: Resources
Clause 5.5.2: Competence
Clause 5.5.3: Awareness
Clause 5.5.4: Communication
Clause 5.5.5: Documented Information
Clause 5.5.5.1: General
Clause 5.5.5.2: Creating and updating
Clause 5.5.5.3: Control of documented information
Clause 5.6.1: Operational planning and control
Clause 5.6.2: Information security risk assessment
Clause 5.6.3: Information security risk treatment
Clause 5.7.1: Monitoring, measurement, analysis and evaluation
Clause 5.7.3: Management review
Clause 5.8.1: Nonconformity and corrective action
Clause 5.8.2: Continual improvement
Clause Pims-specific Guidance Related To Iso/iec 27002
General
Clause 6.2.1: Management Direction For Information Security
Clause 6.2.1.1: Policies for information security
Clause 6.2.1.2: Review of the policies for information security
Clause 6.3.1.1: Information security roles and responsibilities
Clause 6.3.1.2: Segregation of duties
Clause 6.3.1.3: Contact with authorities
Clause 6.3.1.4: Contact with special interest groups
Clause 6.3.1.5: Information security in project management
Clause 6.3.2: Mobile Devices And Teleworking
Clause 6.3.2.1: Mobile device policy
Clause 6.3.2.2: Teleworking
Security
Clause 6.4.1.1: Screening
Clause 6.4.1.2: Terms and conditions of employment
Clause 6.4.2: During Employment
Clause 6.4.2.1: Management responsibilities
Clause 6.4.2.2: Information security awareness, education and training
Clause 6.4.2.3: Disciplinary procedures
Clause 6.4.3: Termination And Change Of Employment
Clause 6.4.3.1: Termination or change of employment responsibilities
Clause 6.5.1: Responsibility For Assets
Clause 6.5.1.1: Inventory of Assets
Clause 6.5.1.2: Ownership of Assets
Clause 6.5.1.3: Acceptable use of Assets
Clause 6.5.1.4: Return use of Assets
Clause 6.5.2.1: Classification of information
Clause 6.5.2.2: Labelling of information
Clause 6.5.2.3: Handling of assets
Clause 6.5.3: Media Handling
Clause 6.5.3.1: Management of removable media
Clause 6.5.3.2: Disposal of media
Clause 6.6.1: Business Requirements Of Access Control
Clause 6.6.1.1: Access control policy
Clause 6.6.1.2: Access to networks and network services
Clause 6.6.2.1: User registration and de-registration
Clause 6.6.2.2: User access provisioning
Clause 6.6.2.3: Management of privileged access rights
Clause 6.6.2.4: Management of secret authentication information of users
Clause 6.6.2.5: Review of user access rights
Clause 6.6.2.6: Removal or adjustment of access rights
Clause 6.6.3.1: Use of secret authentication information
Clause 6.6.4: System And Application Access Control
Clause 6.6.4.1: Information access restriction
Clause 6.6.4.2: Secure log-on procedures
Clause 6.6.4.3: Password management system
Clause 6.6.4.4: Use of privileged utility programs
Clause 6.6.4.5: Access control to program source code
Clause 6.7.1: Cryptographic Controls
Clause 6.7.1.1: Policy on the use of cryptographic controls
Clause 6.7.1.2: Key management
Clause 6.8.1: Secure Areas
Clause 6.8.1.1: Physical security perimeter
Clause 6.8.1.2: Physical entry controls
Clause 6.8.1.3: Securing offices, rooms and facilities
Clause 6.8.1.4: Protecting against external and environmental threats
Clause 6.8.1.5: Working in secure areas
Clause 6.8.1.6: Delivery and loading areas
Clause 6.8.2.1: Equipment siting and protection
Clause 6.8.2.2: Supporting utilities
Clause 6.8.2.3: Cabling security
Clause 6.8.2.4: Equipment maintenance
Clause 6.8.2.5: Removal of assets
Clause 6.8.2.6: Security of equipment and assets off-premises
Clause 6.8.2.7: Secure disposal or re-use of-equipment
Clause 6.8.2.8: Unattended user equipment
Clause 6.8.2.9: Clear desk and clear screen policy
Clause 6.9.1: Operational Procedures And Responsibilities
Clause 6.9.1.1: Documenting operating procedures
Clause 6.9.1.2: Change management
Clause 6.9.1.3: Capacity management
Clause 6.9.1.4: Separation of development, testing and operational environments
Clause 6.9.2.1: Controls against malware
Clause 6.9.3.1: Information backup
Clause 6.9.4: Logging And Monitoring
Clause 6.9.4.1: Event logging
Clause 6.9.4.2: Protection of log information
Clause 6.9.4.3: Administrator and operator logs
Clause 6.9.4.4: Clock synchronization
Clause 6.9.5: Control Of Operational Software
Clause 6.9.5.1: Installation of software on operational systems
Clause 6.9.6: Technical Vulnerability Management
Clause 6.9.6.1: Management of technical vulnerabilities
Clause 6.9.6.2: Restriction on software installation
Clause 6.9.7: Information Systems Audit Considerations
Clause 6.9.7.1: Information systems audit controls
Clause 6.10.1: Network Security Management
Clause 6.10.1.1: Network controls
Clause 6.10.1.2: Security in network services
Clause 6.10.1.3: Segregation in networks
Clause 6.10.2: Information Transfer
Clause 6.10.2.1: Information transfer policies and procedures
Clause 6.10.2.2: Agreements for information transfer
Clause 6.10.2.3: Electronic messaging
Clause 6.10.2.4: Confidentiality or non-disclosure agreements
Clause 6.11.1: Security Requirements Of Information Systems
Clause 6.11.1.1: Information security requirements analysis and specification
Clause 6.11.1.2: Securing application services on public networks
Clause 6.11.1.3: Protecting application services transactions
Clause 6.11.2: Security In Development And Support Processes
Clause 6.11.2.1: Secure development policy
Clause 6.11.2.2: System change control procedures
Clause 6.11.2.3: Technical review of applications after operating platform changes
Clause 6.11.2.4: Restrictions of changes to software packages
Clause 6.11.2.5: Secure systems engineering principles
Clause 6.11.2.6: Secure development environment
Clause 6.11.2.7: Outsourced development
Clause 6.11.2.8: System security testing
Clause 6.11.2.9: System acceptance testing
Clause 6.11.3: Test Data
Clause 6.11.3.1: Protection of test Data
Clause 6.12.1 Information Security In Supplier Relationships
Clause 6.12.1.1 Information security policy for supplier relationships
Clause 6.12.1.2 Addressing security within supplier agreements
Clause 6.12.1.3 Information and communication technology supply chain
Clause 6.12.2 Supplier Service Delivery Management
Clause 6.12.2.1 Monitoring and review of supplier services
Clause 6.12.2.2 Managing changes to supplier services
Clause 6.13.1 Management Of Information Security Incidents And Improvements
Clause 6.13.1.1 Responsibilities and procedures
Clause 6.13.1.2 Reporting information security events
Clause 6.13.1.3 Reporting information security weaknesses
Clause 6.13.1.4 Assessment of and decisions on information security events
Clause 6.13.1.5 Response to information security incidents
Clause 6.13.1.6 Learning from information security incidents
Clause 6.13.1.7 Collection of evidence
Continuity Management
Clause 6.14.1 Information Security Continuity
Clause 6.14.1.1 Planning information security continuity
Clause 6.14.1.2 Implementing information security continuity
Clause 6.14.1.3 Verify, renew and evaluate information security continuity
Clause 6.14.2: Redundancies
Clause 6.14.2.1 Availability of information processing facilities
Clause 6.15.1.1 Identification of applicable legislation and contractual requirements
Clause 6.15.1.2 Intellectual property rights
Clause 6.15.1.3 Protection of records
Clause 6.15.1.4 Privacy and protection of personally identifiable information
Clause 6.15.1.5 Regulation of cryptographic controls
Clause 6.15.2 Information Security Reviews
Clause 6.15.2.1 Independent review of information security
Clause 6.15.2.2 Compliance with security policies and standards
Clause 6.15.2.3 Technical compliance review
Clause 7.1: General
Clause 7.2.1 Identify and document purpose
Clause 7.2.2 Identify lawful basis
Clause 7.2.3 d Determine when and how consent is to be obtaine
Clause 7.2.4 Obtain and record consent
Clause 7.2.5 Privacy impact assessment
Clause 7.2.6 Contracts with PII processors
Clause 7.2.7 Joint PII Controller Controller
Clause 7.2.8 Records related to processing PII
Clause 7.3.1 Determining and fulfilling obligations to PII principals
Clause 7.3.2 Determining information for PII principals
Clause 7.3.3 Providing information to PII principals
Clause 7.3.4 Provide mechanism to modify or withdraw consent
Clause 7.3.5 Provide mechanism to object to PII processing
Clause 7.3.6 Access, correction and/or erasure
Clause 7.3.7 PII controllers' obligations to inform third parties
Clause 7.3.8 Providing copy of PII processed
Clause 7.3.9 Handling requests
Clause 7.3.10 Automated decision making
Clause 7.4.1 Limit collection
Clause 7.4.2 Limit processing
Clause 7.4.3 Accuracy and quality
Clause 7.4.4 PII minimization and de-identification objectives
Clause 7.4.5 PII de-identification and deletion at the end of processing
Clause 7.4.6 Temporary files
Clause 7.4.7: Retention
Clause 7.4.8: Disposal
Clause 7.4.9 PII transmission controls
Clause 7.5.1 Identify basis for PII transfer between jurisdictions
Clause 7.5.2 Countries and international organizations to which PII
might be transferred
Clause 7.5.3 Records of transfer of PII
Clause 7.5.4 Records of PII disclosure to third parties
Clause 8.1: General
Clause 8.2.1 Cooperation agreement
Clause 8.2.2 Organization’s purposes
Clause 8.2.3 Marketing and advertising use
Clause 8.2.4 Infringing instruction
Clause 8.2.5 Customer obligations
Clause 8.2.6 Records related to processing PII
Clause 8.3.1 Obligations to PII principals
Clause 8.4.1 Temporary files
Clause 8.4.2 Return, transfer or disposal of PII
Clause 8.4.3 PII transmission controls
Clause 8.5.2 Countries and international organizations to which PII
might be transferred
Clause 8.5.3 Records of PII disclosure to third parties
Clause 8.5.4 Notification of PII disclosure requests
Clause 8.5.6 Disclosure of subcontractors used to process PII
Clause 8.5.7 Engagement of a subcontractor to process PII
Clause 8.5.8 Change of subcontractor to process PII
Why World Learns Here
- Leading Ed-AI Platform: The world’s first Ed-AI platform in Governance, Risk, and Compliance.
- Up-to-Date Content: Continuously updated to reflect the latest standards and best practices.
- Effective Training Methods: Proven to improve learning outcomes significantly.
- Trusted by Professionals: Over 5000 professionals certified through World Learns Here.
Target Audience:
- Data Privacy Managers
- IT Consultants
- Compliance Officers
- Risk Managers
- Privacy Professionals
Benefits of Certification
Global Recognition: The Certified Privacy Manager certification is globally recognized, enhancing your professional credibility and opening up international career opportunities.
Skill Enhancement: Gain in-depth knowledge and skills required to manage data privacy effectively, helping your organization maintain high privacy standards.
Career Growth: Certification can lead to career advancement opportunities, higher salaries, and increased job security in the field of data privacy management.
Professional Networking: Join a community of certified professionals, share knowledge, and gain insights from industry experts through our online forums and events.
Testimonials
Adeshina Olugun
Data Privacy Manager"World Learns Here’s Certified Privacy Manager course exceeded my expectations. The hands-on approach and practical exercises prepared me well for real-world privacy management scenarios."