PECB MS PRIVACY BY DESIGN AUDITOR CERTIFICATION PROGRAM

PECB MS Privacy by Design Auditor

Certification Program

The Privacy by Design framework has been designed to provide the requirements for

establishing, implementing, maintaining and continually improving a privacy system. It provides a

high-level framework for the protection of private data.

The framework has been developed with the objective of certifying processes and to give

confidence to all interested parties that a certified process fulfills the specified requirements.

The Privacy by Design certification helps to improve privacy risk management for organizations

delivering or using data processing systems or processes, regardless of their industry or size.

Considering the increasing amount of information and communication technologies that process

personal information, it is important that privacy is part of, and integrated with the organization’s

processes, and is taken into consideration when designing processes, information systems, and

controls.

The certification of a privacy program is a way of providing assurance that the organization has

implemented a system for the management of the relevant aspects of its activities, in line with its

privacy policies.

PECB MS Privacy by Design Auditor Certification Program01

How it works?

The requirements that have to be fulfilled by the applicant in order to initiate the process of becoming an

Approved Privacy by Design Auditor are listed below:

PECB MS Privacy by Design Auditor Certification Program

1An auditor can be referred as assessor or evaluator (according to ISO/IEC 17065).

02

Be a PECB MS Lead Auditor (please check the requirements for becoming a PECB MS Approved

Auditor: PECB MS Auditor Certification Program).1

2 Training/Certification: In order to get approved as a PECB MS Auditor for Privacy by Design, the

applicant needs to pass the PECB GDPR – Certified Data Protection Officer Exam and obtain the

PECB Certified Data Protection Officer Certification.

3 Work experience: The applicant is requested to have at least 2 years of relevant work experience in

privacy matters. Applicants shall provide documented evidence of work experience. This evidence

must be signed by the applicant’s employer and verified by PECB MS. Alternatively, this evidence

may be presented in the form of employer references giving information on actual work carried out,

positions held, reporting levels and areas of responsibility.

4 Personal Behavior and Competence: The applicant should possess the necessary attributes

to enable them to act in accordance with clause 7.2.2 of ISO 19011:2018, as well as be able to

demonstrate that he/she has the needed competence and knowledge to carry out an effective

audit in accordance with clause 7.2.3.2 of ISO 19011:2018..

To demonstrate that an applicant fulfills the requirements, he/she must fill

out the PECB MS Auditor Certification Package..

This package consists of a few forms which are necessary to be completed

by the applicant:

f 06200-FO1-Auditor Application Form

f 06200-FO2-Auditor Competence Form (including Competency for

Client Business Sector)

f 06200-FO3-Audit Log

f 06200-FO4-Auditor Agreement

The audit background and experience will be evaluated

based on specific certification requirements as well as on

the PECB MS competence criteria. The applicant should

pass the PECB GDPR – Certified Data Protection Officer

Exam and be able to attest his/her years of professional

experience and number of audits conducted. All of the

documents need to be filled out in detail and the applicant

must provide accurate information so that the PECB MS staff

can complete the file of the applicant.

PECB MS Privacy by Design Auditor Certification Program03

PECB MS Auditor

Certification Package

www.pecb-ms.com