What is ISO/IEC 27701?

ISO/IEC 27701 standard is published in August 2019, and it is the first international standard that deals with privacy information management. The standard will assist organizations to establish, maintain and continually improve a Privacy Information Management System (PIMS) by enhancing the existing ISMS, based on the requirements of the ISO/IEC 27001 and guidance of ISO/IEC 27002. It can be used by all types of organizations irrespective of their size, complexity or the country they operate. 

Why is ISO/IEC 27701 important for you?

The exponential growth of the collection of personal information and the increasing of data processing has led to privacy concerns. Hence, implementing a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701 will enable organizations to assess, treat, and reduce risks associate with the collection, maintenance and processing of personal information.

This standard is essential for every organization that is responsible and accountable for Personally Identifiable Information (PII) as it provides requirements on how to manage and process data and safeguard privacy. It enriches an already implemented ISMS to address privacy concerns properly by assisting the organizations to understand the practical approaches involved in the implementation of an effective management of PII. 

Benefits of ISO/IEC 27701

  • Understand the Privacy Information Management System implementation process 
  • Acquire the necessary skills to support an organization in implementing a Privacy Information Management System in compliance with the ISO/IEC 27701
  • Support the continuous improvement process of the Privacy Information Management System within organizations 
  • Protect the organization’s reputation
  • Build customer’s trust 
  • Increase customer satisfaction 
  • Increase transparency of the organization’s processes and procedures
  • Maintain the integrity of customers’ and other interested parties’ information