Why should you attend?

This training course is designed to prepare you to implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO 27701. Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.

After mastering the implementation and management of a Privacy Information Management System (PIMS), you can sit for the exam and apply for a “MacLead Certified ISO 27701 Lead Implementer” credential. The internationally recognized MacLead Lead Implementer Certificate proves that you have the practical knowledge and professional capabilities to implement the ISO 27701 requirements in an organization.

What would you learn?

  • Assess the compliance of the system against the requirements of the ISO 27701 standard,
  • General Data Protection Regulations (GDPR) and Indian Legislation,
  • Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS,
  • Plan, conduct, report and implement follow-up audits activities,
  • Recognize a typical framework for extending your ISO 27001 ISMS to include specific requirements and guidance for protecting personally identifiable information (PII) and implementing a PIMS,
  • Interpret key requirements and guidance of ISO 27701 from both a PII controller and processor auditor and implementation perspective,
  • Identify the benefits to your organization of implementing an ISO 27701 PIMS Skills,
  • Implement the key requirements and guidance of ISO 27701.

Who should attend?

  • Managers and consultants involved in privacy and data management
  • Expert advisors seeking to master the implementation of a Privacy Information Management System
  • Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations
  • Individuals responsible for maintaining conformance with data privacy regimes requirements
  • PIMS team members
  • Anyone involved in planning, implementing, maintaining or supervising an ISO/ 27701 PIMS

Why from MacLead?

  • Licensed institute partner with CMMI Institute, Pittsburgh, USA
  • Empaneled firm for People Capability Maturity Model (P-CMM®) for 2019-20 with Quality Council of India, an autonomous Body setup by Ministry of Commerce & Industry, Govt. of India
  • Member organization of Quality Council of India
  • MoU partner foremerging fields training & consultancy with
  • MoU partner with National Board for Quality Promotion (NBQP) a constituent board of Quality Council of India for providing Awareness Training Assistance in growing technology fields
  • Micro, Small or Medium Enterprise (MSME) registered organization
  • Approved trainer and examiner for GDPR from Accredia – an Italian Accreditation Body

What would it cost?

  • Course fee—INR 48,500 + Service Tax (GST) as applicable.

 Mode of Training

  • Tutor lead Web and Direct contact

Course Duration

  • 40 Hours of classroom session extending to 5 days.

Materials Provided

  • Course Materials, Support documents, Course Certificate and Exam certificate on passing the exam


There are formal prerequisites for education, training and work experience is mentioned below.

  • Education: Degree or Diploma
  • Preferred is completion of ISO 27001 training and implementation

Work Experience:

  • For Degree holders: Minimum 2 years of work experience
Note: No formal prerequisite to attend the training program.

Course Content

Day 1:

  • About the course
  • Standards, principles and definitions
  • Overview
  • Security techniques related to ISO 27701
  • Specific requirements related to ISO 27001
  • Specific guidance related to ISO 27002
  • ISO 27002 guidance for PII controllers
  • ISO 27002 guidance for PII processors

Day 2:

  • Review of Day 1 learning
  • General Data Protection Regulations (GDPR) and Indian Legislation
  • Planning the implementation of a PIMS
  • Context of the organization
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance evaluation
  • Improvement

Day 3:

  • Review of Day 2 learning
  • Implementing a PIMS
  • Information security policies
  • Organization of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • Systems acquisition, development and maintenance
  • Supplier and third party relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance

Day 4:

  • Review of Day 3 learning
  • PIMS monitoring, continual improvement and preparation for the certification audit
  • Conditions for collection and processing.
  • Obligations to PII principals
  • Privacy by design and privacy by default
  • PII sharing, transfer, and disclosure
  • Conditions for collection and processing
  • Obligations to PII principals
  • Privacy by design and privacy by default
  • PII sharing, transfer, and disclosure
  • Annex A – PIMS-specific reference control objectives and controls (PII Controllers)
  • Annex B – PIMS-specific reference control objectives and controls (PII Processors)

Day 5:

  • Review of Day 4 learning
  • Annex C – Mapping to ISO 29100
  • Annex D – Mapping to the General Data Protection Regulation
  • Annex E – Mapping to ISO 27018 and ISO 29151
  • Annex F – How to apply ISO 27701 to ISO 27001 and ISO 27002
  • Course Summary & Preparation for Examination
  • Written Examination

Interested for this training, if yes please connect us by clicking over here.