Professional Track
ISO/IEC 27701 Auditor Track
Develop the skills to plan, conduct and evaluate audits against ISO/IEC 27701 in real organisational contexts
Overview
The ISO/IEC 27701 Auditor Track is designed for professionals who audit Privacy Information Management Systems (PIMS) of organisations acting as controllers and/or processors. Rather than treating privacy audits as a review of policies or legal documentation, the programme focuses on evaluating how privacy requirements are governed, implemented and monitored in practice.
The track covers the full audit life cycle and enables effective PIMS audits in internal auditing, supplier auditing as well as third-party auditing contexts.
Target audience
Auditors with existing ISO/IEC 27001 experience who want to extend their competence to privacy information management systems
Internal or external auditors involved in audits covering data protection and privacy controls
Information security or data protection professionals seeking to develop formal PIMS auditing capability
Practising ISO/IEC 27701 auditors who want to strengthen their understanding of audit boundaries, scope definition, and evidence evaluation in privacy-related audits
Learning outcomes
In this track, you will acquire the following capabilities.
Understand and interpret ISO/IEC 27701 requirements reliably
Interpret ISO/IEC 27701 requirements consistently across different organisational contexts
Understand the structure and practical application of PIMS
Plan and conduct audits in a structured manner
Plan and perform internal, supplier and third-party PIMS audits in accordance with ISO 19011
Apply appropriate audit techniques to obtain objective and verifiable audit evidence
Evaluate conformity and audit findings professionally
Evaluate conformity of a PIMS against ISO/IEC 27701 requirements and defined audit criteria
Formulate clear, well-founded audit findings and nonconformities
Communicate audit results and support improvement
Communicate audit results professionally to auditees and management
Support improvement of privacy governance and controls through clear, actionable audit feedback
Professional positioning
Build a recognised competence profile as an auditor for ISO/IEC 27701 across different organisational contexts
Assess privacy information management systems in a structured, independent and standard-compliant manner, and substantiate audit findings professionally
Act as a competent professional counterpart to organisations, management, certification bodies and other auditors
Track ID
HAT-DP-A
Duration
~18 days
Language
English
List price
CHF 8,000
Excl. VAT. VAT may apply depending on customer location and status.
Modular system
Reuse of modules across tracks
Previously completed modules are recognized, avoiding duplication when pursuing additional Halderstone tracks.
If you later decide to extend your auditing competence to additional areas and ISO standards, you can earn additional auditor credentials without repeating the common core. This allows you to build an integrated competence profile step by step with limited additional effort.
Two credentials with one track
Both credentials are awarded without expiry.
Registered credentials
In addition, track graduates can apply for a Registered credential for this role and discipline. It confirms capability in practice and ensures it remains current over time. Registered credentials require verified professional experience and periodic reassessment.
Registered credentials for this role and discipline
For employers
Understand what this credential signal in hiring and professional practice
Core modules
Shared foundations common to all Auditor tracks
Specialization modules
Role-specific modules that deepen your expertise in ISO/IEC 27701 Auditing
Final assessment
Practical and theoretical demonstration of your acquired competence as ISO/IEC 27701 Auditor
Capstone project
Final exam
Good to know
