ISO/IEC 27701:2019

IGC provides certification services such as ISO 27701 Privacy Infromation Management System provisional auditor, auditor, lead auditor, internal auditor, and senior auditor based on cooperation with GPC (Global Personnel Certification), an accredited personnel certification body based on ISO/IEC 17024

• 

  ISO/IEC 27701:2019 Overview

  ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 that provides requirements and guidelines for establishing, implementing, maintaining, and continuing improvement of the Privacy Information Management System (PIMS) for the management of the organization's privacy.
  
  ISO/IEC 27701 gives customers and business partners confidence in their privacy management capabilities. Specify the PIMS-related requirements for Personally Identifiable Information controllers and Personally Identifiable Information processors holding responsibility for Personally Identifiable Information processing, and can be applied to organizations of all types and sizes.

• ISO/IEC 27701:2019 Auditor Certification Requirements

  

  	Lead auditor	Auditor	Senior Auditor	Internal Auditor	Provisional Auditor
  Education	Secondary education or higher
  Work experience	5 years and more (Including 2 years or more of experience related to the ISO 27701)		10 years and more (Including 5 years or more of experience related to the ISO 27701)	3 years and more (Including 1 year or more experience related to the ISO 27701)	None
  Audit Experience	Audit log of 35 MD or higher as an auditor or lead auditor within the last 3 years (of which 15 M/D or more are audit log as lead auditor)	Audit log of 20 M/D or higher as an auditor or lead auditor within the last 3 years	Audit log of 15 M/D or more as an auditor or lead auditor within the last 3 years (only the log after acquiring lead auditor certification from an accredited personnel certification body is acceptable)	Within the last 3 years awarded 5 times + audit log of at least 15 M/D	None
  Educational Training	* Completion of auditor training course within the last 3 years (Only a certificate of completion issued by an accredited personnel certification body or a training provider designated by it can be accepted)
  Test	GPC knowledge and personality test pass

• 

  ISO/IEC 27701:2019 Auditor Certification Procedure

  • 1. Receipt of application documents

    - The applicants fill out the application form and submit materials to prove their background.

  • 2. Review of application documents and other materials

    - After reviewing the submitted application documents and other materials, if they are not sufficient, applicants should prove their history by supporting additional data.

  • 3. Performing GPC exam

    - The applicants should take the knowledge and attribution test and are granted certification upon passing the test.

  • 4. Review by Certification Decision Panel

    - Based on the submitted data and test results, the certification decision panel makes a certification decision.

  • 5. Certification issuance

    - When the certification is determined, a certificate is issued and delivered to the applicant.

  The certification is valid for 3 years from the date of issue, and registration fees must be paid annually in accordance with the certified cycle, and additional requirements must be met at the 3rd year in the renewal cycle.