Privacy Information Management (ISO/IEC 27701) Foundation

Earners of the Privacy Information Management Foundation (ISO/IEC 27701) certification have demonstrated foundational knowledge of the ISO/IEC 27701. This certification confirms that the professional has the knowledge to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization in accordance with the ISO/IEC 27701 standard. The exam covers topics such as Terms and definitions (PIMS, PII controller, and PII processor), normative references (ISO/IEC 27000, ISO/IEC 27001:2013, ISO/IEC 27002:2013, and ISO/IEC 29100), PIMS-specific guidance related to ISO/IEC 27001 (Context of organization, Leadership, Planning, Support, Operation, Performance evaluation, and Improvement), PIMS-specific guidance related to ISO/IEC 27002 (Information security policies, Human resource security, Asset management, Access control, Cryptography, Physical and environmental security, Operations security, Communications security, Information security incident management, and Compliance), Conditions for collecting and processing, Obligations to PII principals, Privacy by design and privacy by default, PII sharing, transfer, disclosure, Consent, and Privacy impact assessment. Earning criteria: To earn the Privacy Information Management Foundation (ISO/IEC 27701) certification candidates must successfully pass the ITC-045: Privacy Information Management Foundation (ISO/IEC 27701) exam - Foundational level. A score of 70% or higher is required to pass the exam. The ITC-045: Privacy Information Management Foundation (ISO/IEC 27701) exam is a closed-book and remotely proctored exam. ITCERTS recommends that candidates have at least 6 months of work experience in Privacy Information Management before sitting for the exam. This certification is considered good-for-life and does not expire.