Final Draft
International Standard
ISO/IEC FDIS 27701
Information security, cybersecurity and privacy protection — Privacy information management systems — Requirements and guidance
Reference number
ISO/IEC FDIS 27701
Edition 2
© ISO 2025
Окончательный проект Международный стандарт
недоступно на русском языке
В стадии разработки
Проект данного международного стандарта находится на этапе утверждения.
Текущее издание: ISO/IEC 27701:2019

What is ISO/IEC 27701?

ISO/IEC 27701 is an international standard that specifies requirements and provides guidance for establishing, implementing, maintaining and continuously improving a privacy information management system (PIMS). It extends ISO/IEC 27001 to specifically address privacy and the protection of personally identifiable information (PII), making it highly relevant for organisations acting as PII controllers or processors.

Why is ISO/IEC 27701 important?

In a world where personal data is handled by almost every organisation and privacy regulations are rapidly evolving, ISO/IEC 27701 offers a practical framework to demonstrate accountability and compliance. It helps organisations manage privacy risks by embedding privacy-specific controls into existing information security management systems. With its mappings to GDPR and other standards like ISO/IEC 29100 and ISO/IEC 27018, it supports alignment with legal requirements while improving stakeholder trust and operational transparency.

Benefits

  • Strengthens data privacy and protection capabilities
  • Helps demonstrate compliance with global privacy regulations such as GDPR
  • Supports trust-building with partners, clients and regulators
  • Aligns with existing ISO/IEC 27001 systems to streamline implementation
  • Facilitates accountability and evidence-based privacy management

 

FAQ

Any organisation that collects, processes, stores or controls personally identifiable information (PII), including public, private and not-for-profit entities.

No. It is an extension of ISO/IEC 27001 and must be implemented in conjunction with it.

A privacy information management system (PIMS) is a structured framework for managing PII responsibly and in line with privacy laws and standards.

Общая информация

  • Текущий статус
     : В стадии разработки
    Этап
    : Уведомление направлено в секретариат. Начало голосования по окончательному проекту международного стандарта: 2 мес. [50.20]
  • Версия
     : 2
  • Технический комитет :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS обновления

Жизненный цикл

Появились вопросы?

Ознакомьтесь с FAQ

  2. Интернет-магазин
  3. Интернет-магазин
  4. ТК
  5. ISO/IEC JTC 1/SC 27
  6. ISO/IEC FDIS 27701