What is ISO/IEC 27701?
ISO/IEC 27701 is an international standard that specifies requirements and provides guidance for establishing, implementing, maintaining and continuously improving a privacy information management system (PIMS). It extends ISO/IEC 27001 to specifically address privacy and the protection of personally identifiable information (PII), making it highly relevant for organisations acting as PII controllers or processors.
Why is ISO/IEC 27701 important?
In a world where personal data is handled by almost every organisation and privacy regulations are rapidly evolving, ISO/IEC 27701 offers a practical framework to demonstrate accountability and compliance. It helps organisations manage privacy risks by embedding privacy-specific controls into existing information security management systems. With its mappings to GDPR and other standards like ISO/IEC 29100 and ISO/IEC 27018, it supports alignment with legal requirements while improving stakeholder trust and operational transparency.
Benefits
- Strengthens data privacy and protection capabilities
- Helps demonstrate compliance with global privacy regulations such as GDPR
- Supports trust-building with partners, clients and regulators
- Aligns with existing ISO/IEC 27001 systems to streamline implementation
- Facilitates accountability and evidence-based privacy management
FAQ
Any organisation that collects, processes, stores or controls personally identifiable information (PII), including public, private and not-for-profit entities.
No. It is an extension of ISO/IEC 27001 and must be implemented in conjunction with it.
A privacy information management system (PIMS) is a structured framework for managing PII responsibly and in line with privacy laws and standards.
General information
- Current status: Under development. Stage: Notification sent to secretariat. Start of voting on the final draft International Standard: 2 months [50.20]
- Version: 2
- Technical committee: ISO/IEC JTC 1/SC 27
- ICS: 35.030
Life cycle
- Previously: Published, ISO/IEC 27701:2019
- Now:
  - 00: Preliminary stage
  - 10: Proposal stage
  - 20: Preparatory stage
  - 30: Committee stage (preparation of the committee draft)
  - 40: Enquiry stage (consideration of the draft International Standard)
  - 50: Approval stage
  - 60: Publication stage
  - 90: Review stage
  - 95: Withdrawal stage