ISO 27001

ISO 27701, released in August 2019, seeks to provide a truly international approach to privacy protection as a component of information security.

ISO 27701 is a framework for data privacy that builds on ISO 27001. This latest privacy best practice guides organisations on policies and procedures that should be in place to comply with GDPR and other data protection/privacy regulations and laws.

The ISO 27701 standard, a PIMS (Privacy Information Management System) standard, lays out a detailed set of operational checklists that can be adapted to a variety of regulations, including GDPR. Companies document their policies, procedures, protocols and activities in line with the standard’s operational checklists, with records then audited by internal and third-party auditors, resulting in detailed proof of compliance with the standard. ISO 27701 helps companies to maintain an effective privacy and information security system and reduce privacy risks.

ISO 27701 is an impressive way of demonstrating to consumers, external organisations and internal stakeholders that mechanisms are in place to keep data safe and to comply with GDPR and other privacy laws.

ISO 27701 is an extension of ISO 27001, which means that organisations intending to implement ISO 27701 certification must have ISO 27001, or complete both standards simultaneously.

ISO 27701 Certificates

Privacy Information Management System ISO/IEC 27701:2019 Year 2022 (PM 752240.pdf) Expiry Date: 2025-03-13
Privacy Information Management System ISO/IEC 27701:2019 Year 2021 Expiry Date: 2025-03-13