DURATION: 8 DAYS
DAY 1
- Introduction of participants.
- Summary of changes in ISO 22301:2019.
- Exemplar Global Unit BC – Syllabus – 29 sub elements.
- Section 1: Business Continuity Terms and Definitions.
- Section 2: Context Analysis, Legal Requirements & Scope of BCMS.
- Section 3: BCMS Policy, Objectives, Management Commitment, Risks to BCMS.
- Section 4: Support Processes: Resources, Competence, Awareness, Communication & Documentation.
- Section 5: Business Impact Analysis & Risks to Business Operations.
- Section 6: Strategies, Solutions, Response Structure, BCPs.
- Section 7: BCM Exercising and Evaluation of BCMS Documentation.
- Section 8: BCMS Monitoring, Internal Audits, Management Review.
- Section 9: Corrective Action, Continual Improvement.
- Section 10: BCMS Certification Audit Process & Auditor Evaluation Process.
- Assessment.
- Course and Assessment Review.
DAY 2
- Introduction and Course Objectives.
- Overview – Annex SL – Common Text for ISO standards.
- Section 1: Clause 3 ISMS Terms & Definitions.
- Section 2: Clause 4 External Context and Information security requirements and ISMS Legal compliance.
- Section 3: Clause 5 Leadership and Management Commitment, Reviewing Scope of ISMS.
- Section 4: Clause 6 Reviewing Risk Assessment methodology & Risk Register.
- Section 5: Clause 8 Reviewing Risk Treatment Plan – Overview of Annex A and reviewing the Statement of Applicability (SOA).
- Section 6: Clause 7 Reviewing Support Processes including HR.
- Section 7: Clause 7 Reviewing ISMS Documented information requirements.
- Section 8: Clause 9 Reviewing ISMS implementation and effectiveness.
- Section 9: Clause 9 & 10 Reviewing ISMS Monitoring and Improvement.
DAY 3
- Recap – Day 1.
- Reviewing controls in Annexure A – controls A.5.
- Reviewing controls in Annexure A – controls A.6 to A.7.
- Reviewing controls in Annexure A – controls A.8.
- Candidate Assessment.
- Course Feedback.
DAY 4
- Introduction of Trainer and Participants.
- Overview of GDPR 11 Chapters & PIMS ISO/IEC 27701:2019.
- Chapter 1 General Provisions – Articles 1 to 3.
- Chapter 1 Definitions – Article 4 and ISO 29100.
- Chapter 2 Principles – Articles 5 to 11.
- Chapter 3 Rights of the Data Subject – Articles 12 to 23.
- Chapter 4 Data Controller and Data Processor – Articles 24 to 43.
- ISO/IEC 27701:2019 – Clause 7 (Controller) and Clause 8 (Processor).
- Chapter 5 Transfer of personal data to third countries / international organizations – Articles 44 to 50.
- Chapter 6 Independent Supervisory Authorities – Articles 51 to 59.
- Chapter 7 Cooperation and consistency – Articles 60 to 76.
- Chapter 8 Remedies, liability and penalties – Articles 77 to 84.
- Chapter 9 Provisions relating to specific processing situations – Articles 85 to 91 (GDPR Articles 92 to 99 are for information only).
- Day 1 – Summary.
DAY 5
- Additional Requirements of PDPB, 2019 (India).
- PIMS – ISO/IEC 27701:2019 Clauses 4, 5, 6.
- Implementation of GDPR, PIMS and PDPB.
- Understand Data Protection Impact Assessment (DPIA).
- Documentation and records required for GDPR & PIMS.
- Summary of Day 2 and Q & A session.
- Written Assessment for Participants.
- Feedback.
DAY 6
- Introduction and Course Objectives.
- Auditing.
- The International Standards.
- Definitions of Auditing.
- Types of Audit.
- Audit Principles.
- Assessment SECTION 1 & 2.
- Managing an Audit Programme.
- Establishing the audit programme objectives.
- Establishing the extent of the audit programme.
- Identifying and evaluating audit programme risks.
- SECTION 3.
- Audit Activities.
- Conducting Document Review Assessment SECTION 4A & B (Documentation Review).
- On site activities.
- Audit Plan.
- Assessment SECTION 5A (Audit Plan).
- Preparing for the On-Site Activity.
- Preparing the working Documents Audit Checklist Assessment SECTION 5B & C (Checklist).
- Conducting On Site Audit Activities.
- Opening Meeting.
- Assessment SECTION 6 (Opening meeting).
- Close of Day 1.
DAY 7
- Conducting the Audit.
- Audit Findings.
- Assessment SECTION 7 (Multiple choice questions).
- Assessment SECTION 8 and Section 9 A (Case Study and CAR).
- Assessment SECTION 8 and Section 9 A (Case Study and CAR) (Case Study).
- Closing Meeting.
- Preparing, Approving and Distributing the Audit Report.
- Completing the Audit.
- Conducting an Audit Follow-Up.
- Assessment SECTION 9 A & B.
- Assessment SECTION 9 A & B (Report writing and Closing meeting).
- Competence of Management System Auditors.
- Auditor Evaluation process.
- Assessment SECTION 10, 11 & 12 (Multiple choice questions).
- Questions / Answers and Close.
DAY 8
- Recap Auditing.
- Recap Definitions of Auditing.
- Role & Responsibility of Team Leader and Team members.
- Establishing the audit programme objectives.
- Establishing the extent of the audit programme.
- Identifying and evaluating audit programme risks.
- Selection of Audit Team.
- Allocation of responsibilities to the team members.
- Directing audit team member and resolving conflict.
- Methods for Collection of Audit Evidence.
- Grades of Auditors.
- Activity – Case Study.
- Assessment.