pecb ms privacy by design auditor certification … · 1an auditor can be referred as assessor or...
TRANSCRIPT
PECB MS PRIVACY BY DESIGN AUDITOR CERTIFICATION PROGRAM
PECB MS Privacy by Design Auditor
Certification Program
The Privacy by Design framework has been designed to provide the requirements for
establishing, implementing, maintaining and continually improving a privacy system. It provides a
high-level framework for the protection of private data.
The framework has been developed with the objective of certifying processes and to give
confidence to all interested parties that a certified process fulfills the specified requirements.
The Privacy by Design certification helps to improve privacy risk management for organizations
delivering or using data processing systems or processes, regardless of their industry or size.
Considering the increasing amount of information and communication technologies that process
personal information, it is important that privacy is part of, and integrated with the organization’s
processes, and is taken into consideration when designing processes, information systems, and
controls.
The certification of a privacy program is a way of providing assurance that the organization has
implemented a system for the management of the relevant aspects of its activities, in line with its
privacy policies.
PECB MS Privacy by Design Auditor Certification Program01
How it works?
The requirements that have to be fulfilled by the applicant in order to initiate the process of becoming an
Approved Privacy by Design Auditor are listed below:
PECB MS Privacy by Design Auditor Certification Program
1An auditor can be referred as assessor or evaluator (according to ISO/IEC 17065).
02
Be a PECB MS Lead Auditor (please check the requirements for becoming a PECB MS Approved
Auditor: PECB MS Auditor Certification Program).1
2 Training/Certification: In order to get approved as a PECB MS Auditor for Privacy by Design, the
applicant needs to pass the PECB GDPR – Certified Data Protection Officer Exam and obtain the
PECB Certified Data Protection Officer Certification.
3 Work experience: The applicant is requested to have at least 2 years of relevant work experience in
privacy matters. Applicants shall provide documented evidence of work experience. This evidence
must be signed by the applicant’s employer and verified by PECB MS. Alternatively, this evidence
may be presented in the form of employer references giving information on actual work carried out,
positions held, reporting levels and areas of responsibility.
4 Personal Behavior and Competence: The applicant should possess the necessary attributes
to enable them to act in accordance with clause 7.2.2 of ISO 19011:2018, as well as be able to
demonstrate that he/she has the needed competence and knowledge to carry out an effective
audit in accordance with clause 7.2.3.2 of ISO 19011:2018..
To demonstrate that an applicant fulfills the requirements, he/she must fill
out the PECB MS Auditor Certification Package..
This package consists of a few forms which are necessary to be completed
by the applicant:
f 06200-FO1-Auditor Application Form
f 06200-FO2-Auditor Competence Form (including Competency for
Client Business Sector)
f 06200-FO3-Audit Log
f 06200-FO4-Auditor Agreement
The audit background and experience will be evaluated
based on specific certification requirements as well as on
the PECB MS competence criteria. The applicant should
pass the PECB GDPR – Certified Data Protection Officer
Exam and be able to attest his/her years of professional
experience and number of audits conducted. All of the
documents need to be filled out in detail and the applicant
must provide accurate information so that the PECB MS staff
can complete the file of the applicant.
PECB MS Privacy by Design Auditor Certification Program03
PECB MS Auditor
Certification Package
www.pecb-ms.com