Privacy Information Management Standard
ISO/IEC 27701 is a recently published international management system standard providing guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organisation demonstrating how organisations should manage personal information, and assists by demonstrating compliance with privacy regulations around the world.
This reduces risk to the privacy rights of individuals and to the organisation by enhancing an existing Information Security Management System – ISO/IEC 27001.
This standard is a great way of building trust with customers and provides transparency to external stakeholders and internal stakeholders that effective systems are in place to manage personal information and latest legislation. I
If you are looking to get certification to ISO 27701 in order to comply with GDPR you will either need to implement ISO 27001 and ISO 27701 together which can be done in a single audit or you need to add it to an existing ISO 27001 certification.
For more information please contact us.