Day 1: Introduction to Privacy Framework concepts as recommended by ISO 29100
• Privacy Framework based on ISO 29100 and regulatory framework
• Fundamental Principles of Privacy
• Privacy Legislation US & Europe
• Writing a business case and a project plan for the implementation of a Privacy Framework
• Initiating the Privacy Framework implementation
Day 2: Planning the implementation of the Privacy Framework
• Preliminary analysis of Existing Controls
• Leadership and approval of the Privacy Framework project
• Defining the scope of a Privacy Framework
• Development of a Privacy policy
• Selection of the approach and methodology for risk assessment
• Control Statement and management decision to implement the Privacy Framework
• Definition of the organizational structure of Privacy
Day 3: Implementing a Privacy Framework
• Implementation of a document management framework
• Design of controls and writing procedures and specific policies
• Implementation of privacy controls
• Development of a training & awareness program and communicating about privacy
• Incident management
• Operations Management
Day 4: Privacy Framework measurement and continuous improvement
• Monitoring, Measurement, Analysis and Evaluation
• Internal Audit
• Management Review
• Treatment of problems and points of concern
• Continual improvement
• Competence and evaluation of implementers
Day 5: Certification Exam
Prerequisites
ISO 29100 Provisional Certification or a basic knowledge of ISO 29100 is recommended
Educational approach
• This training is based on both theory and practice:
o Sessions of lectures illustrated with examples based on real cases
o Practical exercises based on a full case study including role playing and oral presentations
o Review exercises to assist with exam preparation
o Practice test similar to the certification exam
• To benefit from the practical exercises, the number of training participants is limited
Examination and certification
• The "Certified Lead Privacy Implementer" exam fully meets the requirements of the PECB Examination Certification Programme (ECP). The exam covers the following competence domains:
o Domain 1: Fundamental principles and concepts in Privacy Implementation
o Domain 2: Privacy Implementation Best Practices based on ISO 29100
o Domain 3: Designing and Developing an Organizational Privacy Framework based on ISO 29100
o Domain 4: Implementing a Privacy Framework
o Domain 5: Designing and Implementing Privacy Controls
o Domain 6: Performance Monitoring and Measuring
o Domain 7: Improving the Privacy Implementation Process
• The “Certified Lead Privacy Implementer” exam is available in different languages (the complete list of languages can be found in the examination application form)
Duration: 3 hours
"Taken from PECB <https://pecb.com