ISO 27701:2019 is an extension to ISO/IEC 27001 and ISO/IEC 27002 for Privacy Information Management — Requirements and Guidelines. It provides additional guidance for the protection of privacy and for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS).
ISO 27701 provides evidence that personal information is processed in compliance with applicable data and privacy legislation and contractual requirements. It extends the technical measures of implementing information security to further include and address privacy requirements. Essentially, it’s a framework for organizations to manage privacy risks and implement appropriate measures – with a focus on personal information.
The standard helps companies align with global privacy regulations and enhances data protection practices. It requires systematic evaluation of privacy risks, implementation of comprehensive privacy controls, and ongoing management to maintain certification.
The goal is to ensure effective privacy measures and build customer trust in data protection practices.
Download certification for ISO 27701:2019