Data Protection 27701 Lead Implementer – ISO 27701 formação

Introdução

This course is available to be delivered in a classroom and Live-Training model.
Live Training brings you the dynamic environment of the classroom, to your desk. Using your computer, you interact with the trainer and the trainees as if you were with them in the classroom.

Click to learn how > Live Online Training works < This course enables participants to develop the necessary expertise to support an organization in implementing and managing an Data Protection Management System (DPMS) as specified in REGULATION (EU) 2016/679 (GDPR).

Participants will gain a thorough understanding of best practices used to implement the DPMS (or PIMS) based on the General Data Protection Regulation (GDPR) and through organizational context and incorporation of interested parties. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects).

The training course presents an holistic implementation approach based on a DPMS (or, PIMS) methodology, supported by the requirements of GDPR and ISO/IEC 27701, the European Data Protection Board (EDPB) guidelines, related privacy and data protection best practices from ENISA and NIST, and other recognized standards, practices and frameworks, such as ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 29100, BS 10012, among others.

This 5-day course prepares the participants for the Behaviour Data Protection Lead Implementer (DPLI) certification. This certification is aligned with ISO/IEC 17024 and therefore valid at international level.

Because it is a course with a very relevant practical impact, participants are invited to implement a Data Protection Management System, in the classroom, during training, based on a case study. This practice supports the necessary theoretical part of the training and establishes a clear link between theory, regulation and how to do it. In this way, participants are able to transfer the knowledge of training to the job and acquire a greater critical sense about the requirements and their applicability in the organization.

Metodologia

The DPLI training course is based on both theory and practice sessions with:

• Lectures illustrated with examples based on real cases
• Practical exercises based on a full case study including oral presentations
• Review exercises that assist in preparation to the certification exam.

To benefit from the practical exercises, the number of training participants is limited.

Destinatários

• Project managers, information security professionals, consultants, and designated DPO’s for public organizations or by private companies wanting to prepare and to support an organization in the implementation of a Data Protection Management Systems (DPMS) based on GDPR
• Privacy and data protection consultants and/or auditors involved or supporting organizations on the compliance with EU data protection requirements
• Auditors who wish to fully understand the GDPR implementation process using a Data Protection Management Systems (DPMS) approach
• CxO and Senior Managers responsible for the governance of an enterprise and the management of its data protection risks
• Members of information security and/or data protection teams
• Expert advisors in privacy, data protection and information security
• Technical experts wanting to prepare for a data protection or information security function or for a DSMS project management function.
• Any professional wanting to acquire the necessary skills to implement an EU GDPR based Data Protection Management System (DPMS), supported by the requirements of ISO/IEC 27701 (PMIS)

Pré-Requisitos

Participants should understand English as the course documentation is in this language.

Duração (dias)

5 days

Objectivos Gerais

At the end of the course students should be able to:

• identify and know how to apply the main privacy and data protection concepts and terminology
• understand the main privacy and data protection frameworks, including the details of EU GDPR regulation, ISO/IEC 27701 and the foundations of related data protection frameworks
• understand the roles and responsibilities of the several stakeholders, including the DPO, on the compliance of the GDPR and their involvement on the implementation and operation of a Data Protection Management System based on GDPR, supported by ISO/IEC 27701
• acquire necessary expertise in understanding the business context of an organization when implementing the GDPR framework
• know how to implement a Data Protection Management System to comply with the requirements of GDPR, supported by ISO/IEC 27701
• understand the importance of other related interested parties (shareholders, authorities, clients, partners, etc.) and their role in the DPMS (or, PMIS)
• gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Data Protection Management System based on GDPR, supported by ISO/IEC 27701
• understand the relationship between the components integrated into organizational context, including risk management, related interconnections with data protection impact assessments (DPIA), controls, measures and compliance with the requirements of different stakeholders of the organization
• develop knowledge and skills required to advise organizations on best practices in the management of privacy and data protection, including on the implementation of related information security measures
• know how to draft and implement the needed data protection and information security measures and controls based on the latest international best practices, including ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27701, ISO/IEC 29100 family standards, and other recognized international recognized practices
• know how to implement a personal data breach management process based on the requirements of GDPR, supported by ISO/IEC 27701 and the EDPB guidelines, and understand its integration with an information security incident management process based on ISO/IEC 27035
• improve the capacity for analysis and decision making in the context of privacy and data protection management
• acquire the needed expertise to support an organization on the preparation for a certification audit under the GDPR requirements, supported by ISO/IEC 27701
• acquire the knowledge needed to succeed on the BEHAVIOUR DPLI exam and become a Certified Data Protection Lead Implementer (DPLI) professional

Programa

1. Day 1: Introduction to GDPR and privacy and data protection concepts and principles; Initiation of a DPMS
   • Course objectives and structure
   • Fundamental concepts and principles of privacy and data protection
   • Privacy and data protection in EU and related frameworks
   • Mapping the GDPR and ISO/IEC 27701 requirements to a DPMS approach
   • Initiating the implementation of a DPMS based on GDPR, supported by ISO/IEC 27701
   • Context of an organization and data protection objectives
   • Preliminary analysis and establishment of the level of the maturity of the existing management system
   
   
2. Day 2: Planning the implementation of a DPMS
   • Leadership and DPMS project approval
   • Defining the DPMS scope
   • Development of data protection policies
   • Risk management based on ISO 31000
   • Implementing an DPIA integrated approach as part of the ERM
   • Definition of the organizational structure for data protection
   
   
3. Day 3: Implementing a DPMS
   • Implementation of a document management process
   • Identification of mandatory documentation
   • Design of data protection measures, related controls and writing procedures
   • Implementation of data protection measures, related controls and procedures
   • Data protection training, awareness, communication and knowledge management
   • Incident management based on ISO/IEC 27035
   • Personal data breaches management using an integrated approach
   • Operations management of a DPMS based on GDPR, supported by ISO/IEC 27701
   
   
4. Day 4: Measuring and improvement a DPMS; Preparation for a GDPR compliant certification audit, supported by ISO/IEC 27701
   • Monitoring, measurement, analysis and evaluation based on ISO/IEC 27004
   • Internal audit
   • Management review of the DPMS
   • Managing non-conformities and applying corrective actions
   • Continual improvement
   • Preparing for the certification audit under the GDPR, supported by ISO/IEC 27701
   
   
5. Day 5: Data Protection 27701 Lead Implementer (DP27701LI) exam

Exame

The “Data Protection 27701 Lead Implementer” exam fully covers the following competence domains:

• Domain 1: Concepts and principles of privacy and data protection
• Domain 2: EU GDPR and related data protection frameworks
• Domain 3: Planning the implementation of a DPMS
• Domain 4: Implementing and management of a DPMS
• Domain 5: Performance evaluation, auditing and reviewing a DPMS
• Domain 6: Improving a DPMS
• Domain 7: Preparing for the certification audit of a DPMS

The “Data Protection 27701 Lead Implementer” exam is available in Portuguese and English language.
Duration: 3,5 hours, passing score 70%.
Exam available on-site and online.
This is a two parts exam, with part one being a 40 multiple choice questions (1 hour, closed book) and part two with 10 essay questions (2,5 hours, open book, i.e. the participants can use all the documentation provided during the course).
The exam result is sent via email to the candidate within two months after the examination, being the exam result graduated in qualitative note: “Pass or Fail”.
In the case of a failure, the result will be accompanied with the list of domains in which you had a mark lower than the passing grade.

If the candidate fails the exam, he is entitled to one free retake within a 12 month period from the initial exam date.

Certificação

Data Protection 27701 Lead Implementer (DP27701LI)

After successfully completing the exam, participants can apply to one of the certification levels:: "Data Protection 27701 Provisional Implementer", "Data Protection 27701 Implementer" or "Data Protection 27701 Lead Implementer", depending on their level of experience.
These credentials are available for internal and external auditors.
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Data Protection 27701 Lead Implementer is a certification program aligned with ISO/IEC 17024 standard.

Requirements for “Lead Implementer” certification:

Certification	Exam	Professional Experience	Privacy and Data Protection Audit Experience	Privacy and Data Protection Project Experience
Data Protection 27701 Associate Implementer	DP27701LI Exam	None	None	None
Data Protection 27701 Implementer	DP27701LI Exam	2 years 1 year of privacy or data protection work experience	None	Project activities totalling 200 hours
Data Protection 27701 Lead Implementer	DP27701 LI Exam	5 years 2 year of privacy or data protection work experience	None	Project activities totalling 200 hours

Formador

Our experts are consultants and auditors, with several years of experience in the areas of implementation, auditing and training in various international standards and recognized worldwide best practices.

Informações Gerais

FORMAÇÃO PRESENCIAL

• Formação em regime presencial na língua portuguesa ou inglesa.
• Recursos materiais da formação em Inglês.
• Metodologia prática de implementação passo-a-passo de um Programa de Protecção de Dados
• Certificado de Frequência de Formação Behaviour com 31 créditos CPD/CPE.
• Exame de Certificação em Inglês e Português.
• Diploma digital de Certificação e Insígnia digital de Certificação, após sucesso no exame e conclusão do processo de candidatura. Este registo não tem qualquer custo associado.
• Se o candidato não for aprovado no exame, tem o direito a uma nova tentativa gratuita dentro de um período máximo de 12 meses, a contar da data do exame inicial.
• Coffee-break da manhã e da tarde (aplica-se para todas as formações de decorram nas instalações da Behaviour).

FORMAÇÃO LIVE ONLINE TRAINING

• Formação na língua portuguesa ou inglesa.
• Recursos materiais da formação online e em Inglês, com acesso online.
• Metodologia prática de implementação passo-a-passo de um Programa de Protecção de Dados
• Certificado digital de Frequência de Formação Behaviour com 31 créditos CPD/CPE.
• Exame de Certificação online, em Português e Inglês. O exame pode ser realizado até 3meses, após a conclusão do curso.
• Diploma digital de Certificação e Insígnia digital de Certificação, após sucesso no exame e conclusão do processo de candidatura. Este registo não tem qualquer custo associado.
• Se o candidato não for aprovado no exame, tem o direito a uma nova tentativa gratuita dentro de um período máximo de 12 meses, a contar da data do exame inicial.

Benefícios

• GDPR is a requirement for all organizations that process personal data


• GDPR allows certification and international recognition of an organization. Allows access to new markets and optimization of operations. Allows improvement of quality, increase productivity, competitive advantage, customer satisfaction and sales.


• Organization’s data protection management systems (based on GDPR) can now be certified in data protection accredited schemes provided by accredited certification bodies under Article 43 of the General Data Protection Regulation (2016/679).


• This certification can be used as an evidence and support organizations in the demonstration of compliance with GDPR under Article 42.


• Organizations can use this certification for their international recognition and thus stand out from their peers.


• Behaviour Data Protection Lead Auditor (DPLI) course bases its pedagogical model in a certification program aligned in ISO/IEC 17024 standard, which defines the requirements for certification of people, fulfilling the recommendations of ISO.


• Data Protection Lead Implementer (DPLI) course is geared towards to the implementation of the GDPR, through a step-by-step implementation process. Thus, throughout the course, in addition to the basic concepts of GDPR, related legislation and other international recognized best practices, are presented the steps needed to prepare and start the Data Protection Management System (DPMS) (based on GDPR) implementation project which includes the selection of the approach, the implementation methodology, among other activities needed to implement the DPMS, based on the methodology presented, including DPMS operation and therefore the control, monitoring and continuous measurement.


• One of the strengths of the Data Protection Lead Implementer (DPLI) course, in addition to inclusion of implementation methodology, is that it allows prepare professionals for the audit of an GDPR certification and the registration in an accredited certifying body under GDPR Article 43. Addresses itself to this end, the recommendations of ISO 19011, ISO/IEC 17065 and ISO/IEC 17021 - requirements for certification bodies, and the guidelines of European Protection Data Board (EDPB).


• Certification exam is monitored by an official Behaviour administrator.


• Data Protection Lead Implementer (DPLI) certification exam is conducted at the end of the course, on the last day of training, divided in two parts, part 1 and 2. This process allows the certifying entity to measure, more effectively, the knowledge of the candidates.


• Upon success on the exam, the professional will achieve one of the Data Protection Lead Implementer (DPLI) certifications levels. In case of failure, the professional may repeat the exam with no additional cost (one free retake), within 1 year after the date of the 1st examination.


• Behaviour Pedagogical Model aims to provide a learning environment conducive to acquisition of competences, in accordance with objectives of each training program. Promoting interaction, participation and appreciation of experiences, we contribute to meaningful learning, certification and international recognition but, above all to the development of critical thinking and autonomy.


• Behaviour is an organization accredited by DGERT (Portuguese Government Entity) and has its Quality Management System (QMS) implemented in accordance with the requirements of ISO 9001, the requirements of DGERT, the requirements of the European standard NP 4512 and the standard ISO 10015.

Datas e Preço

Clique em “Preço e Inscrição” para aceder a mais informação, incluindo o preço:

Programa Datas Garantidas

(*) All dates of this course are guaranteed only for the events that take place in Lisbon. In other locations the events are subject to a minimum number of participants.
On Behaviour all courses at Lisbon occur regardless of the number of trainees in room. The concept of setting up classes does not exist in our educational model, which is why all public dates, presented on the website, are guaranteed. So if you're in Portugal or anywhere else in the world, you can prepare your week and your trip, as long as you ensure your registration in the course.

Descontos de Volume

For companies, Behaviour offer discounts, starting from the registration of the 2nd participant, in the same course and on the same date.
Simulate the prices for the number of participants you want to register to training@behaviour-group.com or contact us via chat.

Hotéis e Informações Úteis

Know where you can stay in Lisbon, near Behaviour. For more information please see >> Booking <<