ISO/IEC 27701* is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. An international management system standard, it provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.

Benefits of ISO/IEC 27701: 

• Builds trust in managing personal information 
• Provides transparency between stakeholders
• Facilitates effective business agreements
• Clarifies roles and responsibilities
• Supports compliance with privacy regulations
• Reduces complexity by integrating with the leading information security standard ISO/IEC 27001

ISO/IEC 27552 development timeline

ISO/IEC 27552 is being drafted by the ISO/IEC Working Group responsible for ‘Identity Management and Privacy Technologies’. 

BSI is appointed by the UK Government as the National Standards Body and represents the UK interests at both the ISO and the IEC. The following shows the intended development timeline for its publication as an International Standard.

Keep updated on ISO/IEC 27552 developments