ISO/IEC 27701 – Privacy

ISO/IEC 27701 Privacy Information Management System (PIMS)

The ISO / IEC 27701 standard was published in August 2019. It provides the requirements for integrating the ISO / IEC 27001 standard, extending the scope of application to the Privacy Information Management System PIMS.

The standard is an extension of ISO / IEC 27001 which should be considered too. Therefore, the application of ISO / IEC 27701 cannot stand alone, but relies on the application of the above standard.

It is necessary to remember that the 27701 standard is based on the ISO 17021-1. So, it does not replace the European GDPR privacy regulation, which instead involves a ISO 17065 certification.

 

Next step ?

SIET acts as a conformity assessment body.

It is able to certificate the compliance of the management system of an organization with the ISO / IEC 27701 standard and with the ISO / IEC 27001 standard (which is required in advance for ISO / IEC 27701 certification).