Privacy Information Management System (PIMS)
ISO 27701, or ISO/IEC 27701, is a Privacy Information Management System (PIMS) standard that is designed to help organizations comply with privacy laws around the world. In recent years, new data protection laws have been introduced in multiple countries that establish requirements for securing and processing Personally Identifiable Information (PII). However, it is not always clear how organizations should comply with these laws. ISO 27701 was introduced in 2019 and provides actionable guidance to help organizations conform to these varied regulations.
ISO/IEC 27701:2019 is an extension of ISO/IEC 27001, the information security management system (ISMS) standard. Where ISO/IEC 27001 sets a standard for secure IT governance in the broadest sense, ISO/IEC 27701 focuses specifically on protecting personal data.
ISO/IEC 27701 is the first standard of its type in the world and is applicable to public and private companies, government entities and not-for-profit organizations. It supports compliance with the EU’s GDPR, but is also applicable to personal data governance laws in all other geographies.
TÜV SÜD’s experienced ISMS teams possess the accreditation and expertise to conduct ISO/IEC 27001 and ISO/IEC 27701 audits across industries. Through our worldwide network of IT governance professionals, we can provide information security certification services no matter where you are. We have an in-depth understanding of the standard and have extensive experience helping organizations implement this kind of IT governance regulation.
Furthermore, TÜV SÜD’s experts actively participate in international standardization committees and we have a complete understanding of the latest PII regulatory developments around the world. And because we are vendor agnostic, our third-party audits are both impartial and independent, meaning your organization gains valuable insights from an unbiased expert.
TÜV SÜD has developed an efficient five-step process to support your ISO/IEC 27701 certification:
Complying with new privacy regulations such as the EU’s GDPR, California’s Consumer Privacy Act, India’s Personal Data Protection Bill or Brazil’s General Data Protection Law can be very challenging. However, by becoming ISO/IEC 27701 certified, your organization can indicate compliance with all these (and similar) requirements.
Contact us to find out more about ISO 27701 or to begin the ISO/IEC 27701 certification process.