ISO 27701 Practitioner

The International Standards Organization (ISO) has issued the world's first standard to help organizations meet the requirements of the EU GDPR Regulation while declaring advanced personal data protection through auditing. Extends the requirements of ISO 27001 and ISO 27002.

Would you like to compare to other courses?

Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.

Try a live virtual course

Target Audience

The standard is intended for all those who want to maximize the possibilities for processing personal data and at the same time comply with the EU GDPR regulation and the law on personal data protection.

It is based on the requirements, principles, procedures and rules for information security management ISO 27001. This standard is supplemented, i.e., it is an extension of privacy requirements.

And it is the organizations that implement the ISO 27001 standard that will use the new ISO 27701 standard as a manual to extend security measures to the processing of personal data in order to comply with the GDPR Regulation and the Personal Data Protection Act.

  • Administrators, Processors and Privacy Officers
  • Managers and consultants interested in personal data protection 
  • Professional consultants who try to solve the requirements of GDPR procedurally and technically
PIMS: Privacy Information Management System

Aims of the course

  • Clearly defines roles and responsibilities
  • Ensures transparency between stakeholders
  • ISO 27701 builds confidence in GDPR compliance
  • Facilitates the work of the Data Protection Commissioner
  • Helps standardize processes for Administrators and Processors
  • Reduces the complexity of ISO / IEC 27001 interconnection and information security

ISO 27701

ISO 27701 is a new certification standard for personal data protection

The new ISO 27701 standard, the co-author of which is the director of certification policies from Microsoft (Alex Li) will effectively align your privacy law with the requirements of the GDPR into specific policies, procedures, procedures, technical and operational activities. It contains a number of practical instructions for administrators, processors and data protection officers.

ISO 27005 benefits

GDPR Compliance

You can declare compliance with GDPR. This is a completely new certification standard in the field of personal data protection.

ISO 27701 is designed to be universally applicable in order to strengthen and standardize the protection of personal data.

It can be used in any industry, environment, regardless of the size of the organization. Like ISO 27001, it promotes a risk-based approach. With its help, each organization will solve its specific risks that it faces, which relate not only to information assets, but also to personal data.

ISO 27701 GDPR

Personal data protection

ISO 27701 defines the requirements and provides recommendations for the protection of personal data in the form of an extension of the ISO 27001 standard. Over 60,000 organizations have obtained this certification.

We recommend integrating ISO 27701 wherever there are requirements for the protection of personal data or information in general. The standard describes in practical form what is necessary for the creation, implementation, maintenance and continuous improvement of a personal data management system (PIMS).

Personal data protection

GDPR vs. ISO 27701

GDPR and certification of conformity with personal data protection

EU GDPR (General Data Protection Regulation) requires controllers and processors to implement appropriate technical and organizational measures to ensure the privacy of such personal data.

However, the regulation itself provides only general guidance on how to implement these measures.

The International Organization for Standardization has therefore developed a new safety standard in the category of ISO 27000 standards. These are ISO / IEC 27701 Security Techniques.

The new standard for personal data protection is an extension of ISO / IEC 27001 and ISO / IEC 27002 Requirements and guidelines. Both standards deal with the protection of personal information.

spráce a zpracovatel osobních údajů


Demonstrate GDPR compliance with the help of ISO 27701 and ISO 27001

The implementation of ISO 27701 and ISO 27001 will help you to meet the legislative requirements for the protection of personal data as required by the European GDPR Regulation and related directives, including the right of data subjects (liability principle) under Article 5 (2) of the GDPR.

With an internationally recognized certificate, you will declare that you have technical, procedural, organizational and personnel measures in place in the area of personal data that you process.

Article 42 of the GDPR describes the certification mechanism, including seals and marks, so far only in general. Obtaining an accredited certification according to ISO 27001 with the extension of ISO 27701 is thus the only possible achievement of an internationally recognized certification that meets the requirements of regulatory and supervisory bodies in the field of personal data processing.

gdpr certifikace (compliance)


Day 1
Hide agenda
Open agenda

09:00 – 10:30

ISO 27001 Introduction

  • Principles
  • Processes

ISO 27001 Introduction

  • GDPR
  • Personal data protection

10:30 – 10:45

Coffee Break

10:45 – 12:15

ISO 27000 vs.

  • ISO 27001 and GDPR
  • ISO 27002 and GDPR
  • ISO 27701 and GDPR

12:15 – 13:15


13:15 – 14:45

ISO 27702

Upgrade for personal data

  • physical security
  • personal security

14:45 – 15:00

Coffee Break

15:00 – 17:00

ISO 27702

Upgrade for personal data

  • IT security
  • organisational security

Day 2
Hide agenda
Open agenda

09:00 – 10:30

ISO 27002

  • Upgrade for personal data managers
  • Upgrade for personal data processors

10:30 – 10:45

Coffee break

10:45 – 12:15


  • ISO 27701 and Regulation 679/2016
  • Auditor work according to ISO 27701

12:15 – 13:15


13:15 – 14:45

Practical examples

  • Risk analysis
  • Suitable security measures recommendation

14:45 – 15:00

Coffee Break

15:00 – 17:00

ISO 27701 Certification

ISO 27701 is a new certification standard in the field of personal data protection.

Thanks to the new ISO 27701 standard, you can declare compliance with GDPR.

  • Block duration 90 minutes
  • Hours 16 hours
  • Refreshments Yes
  • Exam Practical
  • Prerequisites

    ISO 27000 Foundation or higher

Vít Lidinský

  • Since 2012, he has been working as a forensic expert in the field of economics, prices and estimates, with a special specialization in information systems and personal data protection.
  • For more than 5 years he was the head of the department. and Chief Executive Officer at the Ministry of Informatics, the Ministry of Foreign Affairs of the Czech Republic and the State Treasury Shared Services Center (ICT Departments).
  • He graduated from the Faculty of Business and Economics, majoring in information management - CULS. Here he gradually obtained a master's (Ing.) And doctoral degree (Ph. D.)

Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) dle ISO/IEC 17067

Graduate ratings

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

View the full list of reference clients.

Your rating

Not sure if this is the right courese for you? Get in touch!

For assistance please give us a call.

We are available at +420 222 553 101 Always Monday to Friday: 9am - 5pm.

*items marked with an asterisk are mandatory

Would you like a gift for your birtday?