ISO/IEC 27701:2019 - PRIVACY INFORMATION MANAGEMENT SYSTEM (PIMS)

Overview

ISO/IEC 27701:2019 specifies the requirements and provides guidance for implementing a privacy information management system (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management, within the context of your organization.

Benefits of ISO 27701 Certification

 Support the continuous improvement process of the Privacy Information Management System within organizations.

 Recognize how to extend an ISO/IEC 27001 ISMS to include specific requirements for protecting your PII and implementing a PIMS (addressing both information security and privacy protection)

 Increase transparency of the organization’s processes and procedures

 Protect the organization’s reputation

 Understand the Privacy Information Management System implementation process

ISO 27701 Foundation (FD):

The ISO/IEC 27701 Foundation training course is designed to help participants understand the basic concepts and principles of a Privacy Information Management System (PIMS) based on ISO/IEC 27701.

After completing this course, you can sit for the exam and apply for an “S and BP Certified ISO 27701 Foundation” credential. An SandBP Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework, and management approach.

ISO 27701 Lead Implementer (LI):

The ISO/IEC 27701 Lead Implementer training course enables you to develop the necessary expertise to assist an organization to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS) based on ISO/IEC 27701 by enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002.

After mastering all the necessary concepts of PIMS, you can sit for the exam and apply for an “SandBP Certified ISO 27701 Lead Implementer” credential. By holding an S and BP Lead Implementer Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to implement ISO 27701 in an organization.

ISO 27701 Lead Auditor (LA):

The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques. The ISO 27701 Lead Auditor training course is relevant for all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which are PII controllers and PII processors processing PII within an ISMS.

After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for an “SandBP Certified ISO 27701 Lead Auditor” credential. By holding an S and BP Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

Terms of Certification

 Candidates who score 70% and above in the examination will be issued an SANDBP certificate.

 If you do not meet the pass mark, you can retake the exam for free after the first attempt, while subsequent retakes come at a cost.

Criteria for Suspending and Withdrawing the Scope of Certification

SANDBP reserves the right to suspend or revoke certifications for reasons including fraud, deceit, or submission of inaccurate data.

Process:

 Certificate holders will be notified by certified mail if evidence of charges is found.

 They may present their defense in writing to the certification board.

 The board will review the case and decide to uphold or deny the suspension/revocation.

Causes for Suspension/Withdrawal:

 Improper use of certificates/logos

 Malpractices

 Providing false information

 Ineligibility for applied examinations

 Voluntary suspension requests

Recertification Process

Recertification ensures that certified individuals maintain their knowledge and skills in line with the latest standards and practices. It is a critical process that reaffirms the competency of certified professionals, allowing them to stay current with evolving industry standards.

Criteria for Recertification:

 Transition Exam:

  • Individuals must take and pass a transition exam when there is a change in the current version of the certification standard.
  • The transition exam focuses on the updates and changes in the new version of the standard, ensuring that certified individuals are knowledgeable about the latest requirements and practices.

 Adherence to Code of Ethics:

Certified individuals must adhere to a code of ethics, demonstrating professionalism and integrity in their practice. Any violations of the code of ethics may result in the suspension or revocation of certification.

 Payment of Recertification Fees:

Payment of the required recertification fees is necessary to process and validate the renewal of certification.

Introduction

To maintain the integrity and fairness of our examinations, specific guidelines have been established for proctoring. These rules apply to all candidates and must be adhered to strictly. Failure to comply may result in disqualification or other disciplinary actions.

General Requirements

Technology Setup

  •  Device: Use a desktop or laptop with a working webcam and microphone. Mobile phones or tablets are not permitted unless explicitly allowed.
  •  Internet: Ensure a stable internet connection with sufficient bandwidth to stream video and audio continuously.
  •  Browser: Use the designated browser as specified by the exam platform.
  •  Power Backup: Ensure your device is fully charged and/or connected to a reliable power source.

Environmental Setup

  •  Location: Choose a quiet, well-lit room with minimal distractions.
  •  Background: Ensure the background is plain and free of any clutter or distractions.
  •  Privacy: No other person is allowed in the room during the examination.

Pre-Exam Procedures

Present a valid government-issued photo ID or institution-approved identification document. Ensure that no unauthorized materials (e.g., books, notes, or electronic devices) are present.

During the Exam
Behavior Guideline
  •  Focus on the Screen: Avoid looking away from the screen for extended periods.
  •  No Assistance: You are prohibited from receiving help from anyone or any external resource.
Prohibited Items
  •  Electronic devices such as mobile phones, tablets, smartwatches, and earphones.
  •  Books, notes, or any other study material unless explicitly permitted.
Proctor Interaction
  •  Follow all instructions given by the proctor.
  •  If contacted for clarification or rule enforcement, respond promptly and cooperatively.
  •  Inform the proctor immediately in case of technical issues.

Post-Exam Procedures

Submission
  •  Ensure your exam responses are submitted within the designated time.
  •  Do not close the exam window or disconnect until you receive confirmation that your submission is successful.
Feedback
  •  Report any technical issues or concerns to the designated support team immediately after the exam.

Violations and Consequences

Examples of Violations

  •  Using unauthorized materials or devices.
  •  Attempting to impersonate another candidate.
  •  Engaging in suspicious behavior (e.g., frequent movement, talking).
  •  Disconnecting intentionally without justification.

Consequences

  •  Warnings for minor infractions.
  •  Disqualification of the exam attempt for major violations.

Support and Troubleshooting

Contact the technical support team (support@sandbp.net) in case of any issues with logging in, connectivity, or proctoring tools.

$33

$170

   Exam Is Proctored

$170

   Exam Is Proctored