ISO/IEC 27701

ISO/IEC 27701

Accountability and trust for personal information

Accountability and trust for personal information 
Red Overlay
ISO/IEC 27701
ISO/IEC 27701
Red Overlay

What is privacy information management and ISO/IEC 27701?

ISO/IEC 27701 is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. An international management system standard, it provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.

Who should use ISO/IEC 27701?

ISO/IEC 27701 is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations. It provides guidance for organizations who are responsible for PII processing within an information security management system (ISMS), specifically PII controllers (including those who are joint PII controllers) and PII processors.

Benefits of ISO/IEC 27701

• Builds trust in managing personal information
• Provides transparency between stakeholders
• Facilitates effective business agreements
• Clarifies roles and responsibilities
• Supports compliance with privacy regulations
• Reduces complexity by integrating with the leading information security standard ISO/IEC 27001

Disclaimer

BSI is an accredited Certification Body for Management System Certification and Product certification. No BSI Group company may provide management system consultancy or product consultancy that could be in breach of accreditation requirements.

Clients who have received any form of management system consultancy or product consultancy from any BSI Group company are unable to have BSI certification services within a 2 year period following completion of consultancy.