ISO/IEC 27701 - Privacy Information Management System

ISO/IEC 27701 - Privacy Information Management System

In August 2019 ISO/IEC 27701 has been published. This standard sets the requriements for a privacy information management system.

ISO/IEC 27701 is an extension to ISO/IEC 27001, the information security management system standard. An organization with an ISMS in place according to ISO/IEC 27001 can implement a series of supplementary controls to meet the requriements of ISO/IEC 27701 and obtain a certification for its Privacy Information Management System (PIMS).

ISO/IEC 27701 is aligned with the provisions of the General Data Protection Regulation (GDPR) so a company certified to ISO/IEC 27701 demonstrates the existence of effective controls for the protection of the personal data it processes and its compliance with the GDPR requirements.

More about ISO/IEC 27701 here.