ISO/IEC 27701 Foundation

ISO/IEC 27701 Foundation provides participants with a solid introduction to the internationally recognised Privacy Information Management System (PIMS) standard. The course focuses on the structure, principles and key concepts of ISO/IEC 27701, enabling delegates to understand how privacy controls support organisational governance and risk management.

This foundational course gives participants insight into how ISO/IEC 27701 extends the ISO/IEC 27001 standard to include privacy management requirements and controls. Through practical examples and explanations, participants learn how privacy information management works in practice, how it relates to risk, and how it supports compliance with applicable privacy laws and frameworks. The course prepares candidates for the ISO/IEC 27701 Foundation certification exam and offers a strong base for further study in privacy and security management.

Course objectives

Upon completion of this course, participants will be able to:

  • Understand the structure and purpose of the ISO/IEC 27701 standard
  • Explain key terminology and concepts related to privacy information management
  • Describe how ISO/IEC 27701 supports privacy controls within an organisation
  • Recognise how PIMS interfaces with other management systems, such as ISO/IEC 27001
  • Prepare for the ISO/IEC 27701 Foundation certification exam

Prerequisites

There are no formal prerequisites for this course. A general interest in information security, privacy and governance is helpful.

Target audience

This course is designed for those new to privacy management or those seeking to understand the foundations of privacy information management systems, including privacy professionals, security practitioners, IT staff, compliance officers and business stakeholders.

Introduction to Privacy Information Management

Participants are introduced to the fundamentals of privacy management and why structured approaches are important in today’s digital environment. This section covers concepts such as personal data governance, accountability, and the role of privacy management in organisational risk frameworks.

Overview and Structure of ISO/IEC 27701

This section explains the structure of the ISO/IEC 27701 standard and how it extends existing frameworks like ISO/IEC 27001. Participants gain an understanding of how the additional requirements support privacy controls and documentation.

Key Terminology and Concepts

Participants explore essential terminology and concepts used in ISO/IEC 27701, including roles, responsibilities, privacy objectives, control categories, and how these tie into broader governance structures.

Privacy Controls and Implementation Basics

This part of the course focuses on the basics of implementing privacy controls as defined in the standard, including how to approach risk assessment, treatment and documentation for privacy requirements.

Preparation for Foundation Certification

The course concludes with guidance on the ISO/IEC 27701 Foundation exam, including key topics, exam structure and tips for success.

After successfully completing the exam, you can apply for the credential shown in the table below. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to Certification Rules and Policies.

The requirements for PECB Foundation Certification are:

Exam

For onsite classroom courses, the exam takes place at the end of the course.

For virtual courses, we will send out a voucher that gives you access to an online exam. This can be booked and taken at home, monitored by a proctor via camera. More information about the exam rules will be sent by PECB.

  • Multiple choice “closed book” exam where the candidates are not authorized to use anything but the exam paper and a pen or,
  • Duration: 1 hour (+ 10 min extra time for non-native speakers)
  • The use of electronic devices, such as laptops, cell phones, etc., is not allowed.

Examination rules and policies

RECEIVE YOUR EXAM RESULTS

Results will be communicated by email within a period of 6 to 8 weeks after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme, which is explained in the course description.

In the case of a failure, the results will be accompanied by a list of the domains in which the candidate failed, to provide guidance for exam retake preparation.

Candidates who disagree with the exam results may file a complaint by writing to examination@pecb.com or through the PECB ticketing system.

EXAM RETAKE POLICY

There is no limit on the number of times a candidate may retake an exam. However, there are some limitations on the allowed time frame between exam retakes:

  • Students who have completed the full training but failed the written exam are eligible to retake the exam once for free within a 12-month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required in order for the candidate to sit the same exam again. Regular fee applies.

For candidates who fail the exam in the 2nd retake, PECB recommends attending an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Practical information

Duration: 2 days
Price: 14 900
Language: English
Format: Open course and corporate training

FAQ

What will I learn in this course?
You will learn the basic principles, structure and terminology of ISO/IEC 27701, including how a Privacy Information Management System (PIMS) is built up.

What is required to participate?
No prior knowledge is required, but a general interest in privacy, information security and management systems is an advantage.

How is the exam conducted?
The exam is conducted either in person at the course venue or online with a voucher and an online proctor.

What happens if I do not pass the first exam?
You will normally get one more exam attempt online.

Do I get extra time on the exam?
Yes, you get extra time if English is not your native language, in line with the certification rules.

Which certification do I get?
After passing the exam, you obtain the PECB Certified ISO/IEC 27701 Foundation certification. See the table under certification.

Do I get the ISO standard?
No, but you get access to course material and a loan copy of the standard that can be used during the course and the exam.

What is the difference between Foundation, Implementer and Auditor?
Foundation gives a basic understanding of the standard's structure and requirements. Implementer is about establishing and operating the system. Auditor is aimed at auditing and assessment.

Is this course relevant for managers?
Yes, the course is relevant for managers, DPOs, compliance roles and consultants who work with privacy and management systems.

Can I take this course as e-learning or self-study?
No, it is not possible to take this course as e-learning, but self-study is possible. Send an email to prosjekt@glassper.no for more information and ordering.
