ISO/IEC 27701 2019 Standard

Almost every organization has PII (personally identifiable information).

This standard is ideal for organizations wishing to implement a PIMS that supports their ISMS objectives and helps meet their data privacy compliance requirements, such as those stipulated by the EU’s GDPR (General Data Protection Regulation) and the UK’s DPA (Data Protection Act) 2018.

Key features:

• The Standard includes mapping to the GDPR, ISO/IEC 29100, ISO/IEC 27018, and ISO/IEC 29151
• Integrates with other management system standards, including the information security standard, ISO/IEC 27001
• Provides PIMS-specific guidance for ISO/IEC 27002
• Specifies requirements and provides guidance for establishing, implementing, maintaining, and continually improving a PIMS
• Supports compliance with the GDPR and DPA 2018
• Provides guidance for data controllers and processors responsible for processing personal data

Important:

ISO/IEC 27701 supports an established ISMS aligned to ISO/IEC 27001, because it extends the requirements outlined in ISO/IEC 27001.

If you do not have an ISO 27001-compliant ISMS, we recommend you purchase BS 10012:2017 for your PIMS, as it doesn’t depend on an already-established ISMS.