ISO/IEC 27701 - Privacy Information Management

ISO/IEC 27701 - Privacy Information Management

Demonstrate robust controls are in place to protect privacy.

Demonstrate robust controls are in place to protect privacy.

Red Overlay
privacy information management
privacy information management
Red Overlay
Privacy info management

ISO/IEC 27701 is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls

The international management system standard provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.

ISO/IEC 27701 is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations. It provides guidance for organizations who are responsible for Personally Identifiable Information (PII) processing within an information security management system (ISMS), specifically:

PII controllers (including those who are joint PII controllers)
PII processors

Benefits of ISO/IEC 27701:

  • Facilitates effective business agreements
  • Clarifies roles and responsibilities, and provides transparency between stakeholders
  • Supports compliance with privacy regulations
  • Reduces complexity by integrating with the leading information security standard ISO/IEC 27001



How do I get certified to ISO/IEC 27701?